i am using Zenarmor , crowdsec and unboundDNS. But suddenly, i can't access office365 web site anymore using unbound with or without blocklist. If i change my dns to, for exemple 8.8.8.8. i've acces to office365 webapp with no problem.
i have try to add a lot of whitelist url in unbound to no success.
Anybody on the same situation ? As far as i can say, everything else is working well with unbound except office365
The domain office365.com is redirected to https://www.microsoft.com/en-us/microsoft-365?ms.url=office365com&rtc=1 as they changed Office 365 to Microsoft 365 (Office + Windows).
https://bgp.he.net/dns/office365.com#_website
What does nslookup office365.com say?
What happens with https://status.office365.com, does it load?
In my case, checking the Unbound logs really helped pinpoint the issue, so that might be worth a shot for you too. Adding whitelisted URLs should usually work, but I've also found that DNSSEC settings can sometimes cause access problems.
If it keeps acting up, you might consider looking into the microsoft 365 price (https://www.spendbase.co/vendors/microsoft-365/) for a more stable experience. I found that having direct access without these DNS headaches made a big difference.
That goes exactly into the direction we were recently discussing on the German board of this forum: https://forum.opnsense.org/index.php?topic=43283.15 (https://forum.opnsense.org/index.php?topic=43283.15)
I also had the problem, that some domains were not correctly resolved by unbound. Only after adding an excemption to e.g. office.com with lookup via 8.8.8.8 I was able to correctly access the webpages. User "abulafia" confirmed that he/she also had this issue.
The problem is that the issue only occurs occationally. That makes it difficult to track the problem.
Today I experienced the same problem again, different domain. After setting 8.8.8.8 as DNS in Adguard, everything worked fine. Unbound didn't throw any errors, so, no Idea how to track the issue.
Any ideas here?