Hello,
I've just installed OPNsense 23.1.7_3-amd64 and found a strange behavior I've never seen before.
I have only one WAN and set the firewall rule, NAT and Unbound like normal, and everything works fine.
(https://i.ibb.co/X4mq0x0/H2.png)
(https://i.ibb.co/cDJnr0r/H3.png)
(https://i.ibb.co/864C5sd/H6.png)
I tested to see if policy routing works or not before adding more VPN connections:
(https://i.ibb.co/2SLBC8V/H4.png)
And the headache begins: pings are still OK but DNS cannot be resolved:
(https://i.ibb.co/FbCtdb0/H5.png)
Restarted Unbound, restarted OPNsense and still no luck. It only resolves DNS again when I put the Gateway in the Firewall rule back to Default.
Please help me, thank you, much appreciated.
Is unbound listening on 192.168.1.1? Also verify your lan.net is allowed in unbound access list
Check as well that Query forwarding is enabled to correct servers.
Rgds
Quote from: zan on May 21, 2023, 06:28:47 AM
Is unbound listening on 192.168.1.1? Also verify your lan.net is allowed in unbound access list
Quote from: FraLem on May 21, 2023, 11:30:56 AM
Check as well that Query forwarding is enabled to correct servers.
Rgds
Sure thing, because Unbound already works when the Firewall rule uses the Default gateway
(https://i.ibb.co/G3dpz09/H7.png)
(https://i.ibb.co/CsYkLkj/H8.png)
(https://i.ibb.co/RQCdRW0/H9.png)
Ah sorry I missed the gateway part. You can't reach your OPNsense's LAN IP (192.168.1.1) with that rule.
Add '!This Firewall' to that rule (Destination: 'This Firewall' and turn on the 'Destination/Invert').
Quote from: zan on May 21, 2023, 02:55:26 PM
Ah sorry I missed the gateway part. You can't reach your OPNsense's LAN IP (192.168.1.1) with that rule.
Add '!This Firewall' to that rule (Destination: 'This Firewall' and turn on the 'Destination/Invert').
Already tried this rule: LAN net ---> !This firewall --> WANPPPOE with the same result, no luck.