I have 2 VLANs routed through a Wireguard & OpenVPN connection to a VPN provider. But now all the other non-VPN VLANs don't have internet access anymore. I want internet access.
I've basically followed the Wireguard Selective Routing Guide to a T!
Confusing! I don't think I need to specify the WAN gateway in the firewall rules for each non-VPN VLAN, do I? Well, I've done it anyway, and even for the non-VPN VLANs there is *still* no internet access.
Sorry I'm new here, I don't know if people post configs or whatever. This is what I've done so far.
I have:
- Created a FW rule in the FW Group with VLAN_20 + VLAN_30 called FGVPN_VLANS. These are to be routed through the VPN.
- Created a Gateway Group called GG_VPN_Gateways with WRGD as Tier 1, OVPM as Tier 2
- Created a FW rule in the FW Group that is:
  - Interface: FGVPN_VLANS
  - Direction: in
  - Source: FGVPN_VLANS
  - Destination invert: checked
  - Destination: RFC1918_Networks
  - Gateway: GG_VPN_Gateways
  - Tag: NO_WAN_EGRESS
- Created NAT Outbound rule:
  - Interface: GGVPN_Gateway
  - TCP/IP: IPv4
  - Protocol: any
  - Source: FGVPN_VLANs net
  - Destination: any
- DNS
  - Settings: General: no DNS listed (so it's blank)
- Fixed DNS leaks
  - In Services → DNS Resolver
  - Network Interfaces: LAN, VLAN_20, VLAN_30
  - Outgoing Network Interfaces: OVPN, WRGD (both checked)
Is there something I need to do or check?
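As an added example (not part of the post or of the OPNsense guide it follows), here is a small model of pf-style first-match policy routing that replays the rule described above against sample packets: destination-inverted RFC1918, the tiered gateway group, the NO_WAN_EGRESS tag, and the default-deny that applies when a VLAN has no matching pass rule at all. The VLAN addressing, the VLAN_40 rule and the gateway up/down status are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

RFC1918_NETWORKS = [ipaddress.ip_network(n)
                    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Constructed VLAN addressing (hypothetical); VLAN_40 stands in for a non-VPN VLAN
VLANS = {n: ipaddress.ip_network(c) for n, c in (
    ("LAN", "192.168.1.0/24"), ("VLAN_20", "192.168.20.0/24"),
    ("VLAN_30", "192.168.30.0/24"), ("VLAN_40", "192.168.40.0/24"))}
FGVPN_VLANS = ("VLAN_20", "VLAN_30")                    # the FW group from the post
GATEWAY_GROUPS = {"GG_VPN_Gateways": ["WRGD", "OVPN"]}  # tier 1, then tier 2
WAN_BLOCKED_TAGS = {"NO_WAN_EGRESS"}  # floating WAN rule drops traffic with this tag

@dataclass
class Rule:
    interfaces: tuple          # interfaces/groups the rule is attached to
    destinations: list         # list of ip_network; empty list means "any"
    invert_destination: bool   # the "Destination invert" checkbox
    gateway: Optional[str]     # gateway group name; None = system default route
    tag: Optional[str] = None  # pf tag applied by the rule

# The post's rule: FGVPN_VLANS, destination !RFC1918, gateway GG_VPN_Gateways
VPN_RULE = Rule(FGVPN_VLANS, RFC1918_NETWORKS, True, "GG_VPN_Gateways", "NO_WAN_EGRESS")
# Constructed pass rule for a non-VPN VLAN that leaves Gateway at default
VLAN40_RULE = Rule(("VLAN_40",), [], False, None)

def resolve_group(group: str, status: dict) -> Optional[str]:
    """Return the first member of the gateway group whose status is 'up'."""
    return next((gw for gw in GATEWAY_GROUPS[group] if status.get(gw) == "up"), None)

def pick_gateway(src_ip: str, dst_ip: str, rules: list, status: dict) -> str:
    """First matching rule wins (pf 'quick'); no match means default deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    src_iface = next((n for n, net in VLANS.items() if src in net), None)
    for rule in rules:
        if src_iface not in rule.interfaces:
            continue
        in_dest = not rule.destinations or any(dst in n for n in rule.destinations)
        if in_dest == rule.invert_destination:   # destination test failed
            continue
        egress = "WAN"  # default route
        if rule.gateway is not None:
            # all group members down: the rule falls back to the default route
            egress = resolve_group(rule.gateway, status) or "WAN"
        if egress == "WAN" and rule.tag in WAN_BLOCKED_TAGS:
            return "BLOCKED"   # kill switch: tagged traffic may not leave via WAN
        return egress
    return "BLOCKED"
```

Running `pick_gateway` for a VLAN_40 host with only VPN_RULE loaded returns BLOCKED, which is what a VLAN with no pass rule of its own looks like from the client side.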
OH MY GOSH, the craziness. I sort of found a half answer.
Anyway, if this helps anyone out...
For VLAN30, which I wanted to have its own DNS,
I had to:
In System: Settings: General
- have no DNS server set (all the DNS server fields are blank).
- 'Do not use the local DNS service as a nameserver for this system' is ticked.
In DHCPv4: VLAN30: I manually put in the DNS I wanted.
So it's DNS related. But not working.
From this post (https://forum.opnsense.org/index.php?topic=23686.msg112725#msg112725)
However, the other VLAN20's DNS is still struggling. It has no manual DNS set (I want it to use Unbound DNS).
And none of the other VLANs seem to use Unbound either.