OPNsense Forum

English Forums => General Discussion => Topic started by: pankaj on April 11, 2021, 06:32:10 am

Title: Firewall rules - likely DNS issue [Solved]
Post by: pankaj on April 11, 2021, 06:32:10 am

HI,

I have a GuestWiFi running on a separate VLAN which was working till few days back but has stopped working. For troubleshooting I have disabled all rules on GuestWiFi and allowing all traffic out.

The log view shows that host on this VLAN is trying to resolve DNS query but nothing nothing seems to be coming back as DNS resolution response. So the internet is not reachable on this VLAN and I cannot make any sense out of this behavior.

Any pointers?

Title: Re: Firewall rules - likely DNS issue
Post by: bartjsmit on April 11, 2021, 08:05:35 am

What does ping 8.8.8.8 from the client give you?

Title: Re: Firewall rules - likely DNS issue
Post by: chemlud on April 11, 2021, 12:17:17 pm

Do a package capture on (Interfaces - Diagnostics) and look if there is any reply coming back to the clients....

Title: Re: Firewall rules - likely DNS issue
Post by: pankaj on April 11, 2021, 07:38:30 pm

@bartjsmit and @ chemlud - thanks for the inputs. The ping to 8.8.8.8 was not working that alerted me to look at the live firewall logs (screen captured earlier). But I wish if I had the presence of mind to capture packets...it could've saved me few hours!! I will be sure to remember that in future.

Anyway the problem got solved and the culprit was not OPNSense but the TP-Link wireless router. When I enabled the AP mode for its operations, it seems one of the obscure setting for "Enable SIP Firewall" got activated. So it was the router that was blocking traffic all this time  >:(

Thanks again for your comments and helpful insights  :)