Running ntopng fails to load the maxmind geo databases (and produces a notice at the top of ntop pages that geo isn't enabled.) It appears that the maxmind databases need to be in /usr/local/share/ntopng/httpdocs/geoip/ and aren't even though a geo URL is provided in Firewall:Aliases as described in https://docs.opnsense.org/manual/how-tos/maxmind_geo_ip.html. The situation is described some in https://forum.opnsense.org/index.php?topic=17077.0 but ultimately, /usr/local/bin/ntopng-geoip2update.sh needs to be updated to move the required databases to that directory since it doesn't try to pull the keyed versions of the files currently. Perhaps Firewall:Aliases needs to be updated to require just a key instead of a URL and the proper URLs generated from that key. The following manual commands worked for me to enable ntopng geo. (substituting an appropriate license key)
curl -o GeoLite2-City.tar.gz "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=LICENCE_KEY&suffix=tar.gz"
curl -o GeoLite2-ASN.tar.gz "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=LICENSE_KEY&suffix=tar.gz"
curl -o GeoLite2-Country.tar.gz "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=LICENSE_KEY&suffix=tar.gz"
tar xvzf GeoLite2-ASN.tar.gz
tar xvzf GeoLite2-City.tar.gz
tar xvzf GeoLite2-City.tar.gz
mv GeoLite2-*_*/*.mmdb /usr/local/share/ntopng/httpdocs/geoip/
rm -rf GeoLite2-*
Running ntopng fails to load the maxmind geo databases (and produces a notice at the top of ntop pages that geo isn't enabled.) It appears that the maxmind databases need to be in /usr/local/share/ntopng/httpdocs/geoip/ and aren't even though a geo URL is provided in Firewall:Aliases as described in https://docs.opnsense.org/manual/how-tos/maxmind_geo_ip.html. The situation is described some in https://forum.opnsense.org/index.php?topic=17077.0 but ultimately, /usr/local/bin/ntopng-geoip2update.sh needs to be updated to move the required databases to that directory since it doesn't try to pull the keyed versions of the files currently. Perhaps Firewall:Aliases needs to be updated to require just a key instead of a URL and the proper URLs generated from that key. The following manual commands worked for me to enable ntopng geo. (substituting an appropriate license key)
Followed by a restart of ntopng