In preparation to setup a new router running OPNSense, I wanted to investigate the functionality of OPNSense and familiarise myself with it. As the only VM platform I have available curerntly is Incus (though in the future I intend to deploy Proxmox), I tried to setup an OPNSense VM under Incus but had problems.
It appears that the default settings Incus uses when creating VM’s (which use KVM underneath) are not compatible with FreeBSD, which OPNSense is based on. After some research (link) and some experimentation, it looks like the following configuration changes are the minimum required to make OPNSense work (and likely other FreeBSD based operating systems):
raw.qemu: |
-cpu host
raw.qemu.conf: |
[device "dev-qemu_rng"]
security.secureboot: 'false'
These can be modified either through the Incus/LXD Web UI or by running incus config edit <machine name>. The block above should be placed in the config: key within the config file.