OPNsense Forum

English Forums => General Discussion => Topic started by: cheleby on May 05, 2025, 11:21:30 AM

Title: Force redirect DNS to AdGuard
Post by: cheleby on May 05, 2025, 11:21:30 AM
Hi all. I have a problem forcing a DNS redirect to AdGuard. Clients get 10.0.0.1 (OPNsense IP address) via DHCP and use DNS 10.0.0.1 to connect to the internet. But when I manually add the 1.1.1.1 DNS address to my client, it cannot use 10.0.0.1. I added firewall rules but they are not working. Can you help me?

C:\Users\IT>nslookup google.com
Server:  one.one.one.one
Address:  1.1.1.1

Non-authoritative answer:
Name:    google.com
Addresses:  2001:4860:4802:32::78
          216.239.38.120
(https://iili.io/3N5XQBp.md.png) (https://freeimage.host/i/3N5XQBp)
(https://iili.io/3N5Xt4I.md.png) (https://freeimage.host/i/3N5Xt4I)
(https://iili.io/3N5XsQR.md.png) (https://freeimage.host/i/3N5XsQR)
(https://iili.io/3N5Xihv.md.png) (https://freeimage.host/i/3N5Xihv)
(https://iili.io/3N5Xb2t.md.png) (https://freeimage.host/i/3N5Xb2t)
(https://iili.io/3N5XmYX.md.png) (https://freeimage.host/i/3N5XmYX)
Title: Re: Force redirect DNS to AdGuard
Post by: RamSense on May 05, 2025, 11:41:24 AM
Maybe this can get you started: https://homenetworkguy.com/how-to/redirect-all-dns-requests-to-local-dns-resolver/
Title: Re: Force redirect DNS to AdGuard
Post by: cheleby on May 05, 2025, 12:57:49 PM
Quote from: RamSense on May 05, 2025, 11:41:24 AM
Maybe this can get you started: https://homenetworkguy.com/how-to/redirect-all-dns-requests-to-local-dns-resolver/

Tried, did not work.
Title: Re: Force redirect DNS to AdGuard
Post by: RamSense on May 05, 2025, 02:28:18 PM
I see you wrote AdGuard, do you use this or AdGuard Home? Aka the plugin in https://www.routerperformance.net/opnsense-repo/

With the latter, what installation guide did you follow? There is lots of info about it on the forum here, e.g. https://forum.opnsense.org/index.php?topic=22162.0
Title: Re: Force redirect DNS to AdGuard
Post by: Wolke68 on May 05, 2025, 04:16:25 PM
Destination is not /32, normally /24
Title: Re: Force redirect DNS to AdGuard
Post by: cheleby on May 05, 2025, 07:51:50 PM
Quote from: Wolke68 on May 05, 2025, 04:16:25 PM
Destination is not /32, normally /24

I even tried /24
Title: Re: Force redirect DNS to AdGuard
Post by: cheleby on May 05, 2025, 08:06:24 PM
Quote from: RamSense on May 05, 2025, 02:28:18 PM
I see you wrote AdGuard, do you use this or AdGuard Home? Aka the plugin in https://www.routerperformance.net/opnsense-repo/

With the latter, what installation guide did you follow? There is lots of info about it on the forum here, e.g. https://forum.opnsense.org/index.php?topic=22162.0

I installed AdGuard Home with these steps: https://www.routerperformance.net/opnsense-repo/
Title: Re: Force redirect DNS to AdGuard
Post by: EricPerl on May 05, 2025, 10:26:15 PM
I suspect the OP is misled by the console output into thinking that redirection is not working.
C:\Users\IT>nslookup google.com
Server:  one.one.one.one
Address:  1.1.1.1

Non-authoritative answer:
Name:    google.com
Addresses:  2001:4860:4802:32::78
          216.239.38.120
The client still believes it queried 1.1.1.1 after all.
It might still have been redirected to AGH.

Querying AGH's query log might be a more appropriate method to verify the redirection worked...
Title: Re: Force redirect DNS to AdGuard
Post by: EricPerl on May 05, 2025, 11:32:02 PM
Or check the FW logs while querying a DNS server you don't really use. You should see in on "LAN" with server specified, out on WAN with whatever upstream server is used in OPN/AGH.

Or query a local name from a public DNS:
C:\Users\me>nslookup dvr10.fun.home 8.8.8.8
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    dvr10.fun.home
Address:  10.100.100.186
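
The check suggested in the last two posts (query a server you don't really use and see whether an answer still comes back), as an added example that is not from any poster in this thread. It assumes 192.0.2.53, an address in the TEST-NET-1 documentation range where no DNS server exists, and the function names are made up for this sketch:

```python
import secrets
import socket
import struct

# Assumption: 192.0.2.53 sits in TEST-NET-1 (RFC 5737), reserved for
# documentation, so no real DNS server answers there.
BOGUS_SERVER = "192.0.2.53"

def build_query(name, txid=None):
    """Build a minimal DNS query: one A/IN question, recursion desired."""
    txid = secrets.randbits(16) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(part)]) + part.encode("ascii") for part in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def parse_header(packet):
    """Return (txid, is_response, rcode, answer_count) of a DNS message."""
    if len(packet) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return txid, bool(flags & 0x8000), flags & 0x000F, an

def classify(sent_txid, reply):
    """Turn the probe result into a verdict."""
    if reply is None:
        return "NO_REPLY"        # dropped or blocked, nothing answered for it
    try:
        txid, is_response, _rcode, _an = parse_header(reply)
    except ValueError:
        return "UNEXPECTED"
    if is_response and txid == sent_txid:
        return "REDIRECTED"      # something on the path answered for the bogus IP
    return "UNEXPECTED"

def probe(server=BOGUS_SERVER, name="example.com", timeout=3.0):
    """Send one UDP query to `server` and classify what comes back."""
    query = build_query(name)
    sent_txid = struct.unpack("!H", query[:2])[0]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(query, (server, 53))
            reply, _peer = sock.recvfrom(4096)
        except OSError:          # timeout, unreachable network, ...
            reply = None
    return classify(sent_txid, reply)

if __name__ == "__main__":
    print(BOGUS_SERVER, "->", probe())
```

A REDIRECTED verdict only shows that something on the path answered on behalf of the bogus address; the AGH query log still confirms which resolver it was.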