Skip to main content

OPN200 - Failed to Apply OPNsense Alias Changes

Agent error code #207200#OPN200 indicates that the alias entry was added or removed successfully, but the subsequent apply step failed. Without the apply, the change is not persisted to the saved configuration and will be lost on the next filter reload.

This error is distinct from alias add/remove failures (#207102,#OPN102, #207103)#OPN103), which fail before any change is made. Error #207200#OPN200 means the change was made in memory but could not be committed.

Common causes include:

  • The API user's group is missing the privilege that controls applying alias changes (the Firewall: Alias: Apply entry, or equivalent in your OPNsense version)
  • An unrelated configuration change on OPNsense is in an invalid state and apply is refusing to run
  • A filter reload triggered by another change is already running and the apply call timed out

Steps to Resolve

Apply Pending Changes From the OPNsense UI

  1. Log into OPNsense and navigate to Firewall > Aliases
  2. If a yellow apply banner is shown, click Apply to commit the change. Any underlying configuration error will surface here

Verify Apply Privilege on the API User's Group

  1. Navigate to System > Access > Groups and open the group the API user belongs to
  2. Confirm the privilege that controls applying alias changes is present (the entry is named Firewall: Alias: Apply or similar, depending on the OPNsense version)
  3. Save and retry the grant

For the full privilege list, see the OPNsense setup guide.

Check the OPNsense System Log

  1. Navigate to System > Log Files > General and look for entries around the time of the failure
  2. Errors during apply are usually logged here with the underlying cause (typically a syntax error in an unrelated rule)

Still Having Issues?

We can help you out, contact us at support@knocknoc.io.

Back to top