I added a new NIC (as a guest network) to OPNsense. I followed this guide (https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-captive-portal-on-opnsense). I have only set up the firewall rules and have not started on the captive portal.
Once set up I was testing and everything seemed to work, but when I was connecting to the firewall itself I would interminably get a lag before pages would load. This seemed to me like a timeout of some kind.
Doing an nslookup on my firewall from my Linux box gave two responses, one for each network:
fred@alice:~# nslookup myfirewall.net
Server: 127.0.0.53
Address: 127.0.0.53#53
fred@alice:~# nslookup myfirewall.net
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: myfirewall.net
Address: 192.168.10.1
Name: myfirewall.net
Address: 192.168.20.1
The .20 is on the new network and has a rule that blocks access to the firewall from that network (see the zenarmor link).
This means that when going to my firewall GUI, if DNS resolves to 192.168.20.1, the request times out because the firewall rule does not allow access to the GUI on 192.168.20.1.
I have tried adding a DNS override but this has not solved my issue. (The override IP is given when looking up the override name, but nslookup myfirewall.net still gives both IPs.)
I am not sure how to attack this problem.
Thanks for your time,
GF
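To confirm this kind of diagnosis from the client side, here is an added example (not from the thread and not OPNsense code) that parses nslookup output of the shape shown above and probes each returned address on the GUI port; the sample text, the port 443 and the function names are assumptions.

```python
import re
import socket

# Constructed sample in the shape of the nslookup output quoted in the post.
SAMPLE_NSLOOKUP = """\
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: myfirewall.net
Address: 192.168.10.1
Name: myfirewall.net
Address: 192.168.20.1
"""

def parse_nslookup(text):
    """Return the answer-section addresses, skipping the resolver's own
    'Server:'/'Address: x.x.x.x#53' header at the top of the output."""
    addrs, in_answer = [], False
    for line in text.splitlines():
        stripped = line.strip()
        if stripped.startswith(("Non-authoritative answer", "Name:")):
            in_answer = True
        m = re.fullmatch(r"Address:\s*([0-9A-Fa-f.:]+)", stripped)
        if in_answer and m:
            addrs.append(m.group(1))
    return addrs

def tcp_reachable(addr, port=443, timeout=2.0):
    """True if a TCP connect to addr:port completes within timeout.
    A rule that silently drops packets shows up as a timeout, not a refusal."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(addrs, gui_port=443, probe=tcp_reachable):
    """Split resolved addresses into those that answer on the GUI port and
    those that do not. Any 'dead' entry explains an intermittent hang: the
    stub resolver rotates the answer order, so a share of connections go to
    the blocked address and the browser waits out its connect timeout."""
    alive = [a for a in addrs if probe(a, gui_port)]
    dead = [a for a in addrs if a not in alive]
    return alive, dead

if __name__ == "__main__":
    resolved = parse_nslookup(SAMPLE_NSLOOKUP)
    print("resolved:", resolved)
    print("alive/dead:", diagnose(resolved))
```

After the Unbound change from the reply below takes effect, a fresh lookup should yield a single address and `diagnose` should return an empty `dead` list.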
Check: Services > Unbound DNS > General > Do not register system A/AAAA records. Then your override will be the only record returned.
Thanks! That seems to have addressed my issue.