Blog: Fix for OPNsense Boot Failure in Virtual Machine (Proxmox)

I discovered a solution to an annoying issue in OPNsense/HardenedBSD. The issue arises when you try to use particular older AMD CPUs with recent versions of OPNsense. Here's the fix.

Image of a network switch Thomas Jensen - Unsplash

The Problem

I tried to install OPNsense inside a Proxmox virtual machine (via an ISO image), but the OPNsense installer kept bootlooping.

This issue arises when you try to use particular older AMD CPUs with recent versions of OPNsense. If you're here, you're probably having the same issue. The issue also occurs after installation.

The problem itself is actually caused by a security protection measure in the HardenedBSD boot loader. Fixing the issue means your system will be more vulnerable to Meltdown - however, you can get around this with other security measures. I would still recommend upgrading your hardware in the future!

The Fix

The fix is simple - I found it on the last post on this page.

  1. Launch the virtual machine with the OPNsense ISO image mounted as a CDROM drive
  2. When the bootloader appears (with various numbered options), press 3
  3. Type the following: set vm.pmap.pti="0" and press Enter
  4. Type the following: boot and press Enter again
  5. Wait and watch the successful boot

Persistence

To make this fix persistent, and ensure the vm.pmap.pti value is automatically set every time, do the following:

  1. Create (or modify) the file /etc/boot/loader.conf.local (it must end in .local)
  2. Add the following to the end of the file: vm.pmap.pti="0"
  3. Save the file and reboot your system

I hope this helped you - if it did, please follow me on Twitter or Like my Facebook page (I won't ask you to do both)!

...and of course, if you need a web developer, get in touch!