So I have opnsense updated to latest firmware...
1. Use adguard as DNS
2. Have it pointing to Unbound as a private reverse DNS server
3. I have no blocklists in Unbound. I just have DNS over TLS servers
If I disable adguard protection. It's still blocked. Same goes with a lot of redirect links. Browser doesn't matter. If I go off my network, I have 0 issues accessing the same things.
And since updating to the latest firmware / updates on opnsense...
1. Adguard keeps complaining it can't update
2. All my docker containers on Unraid no longer can do version checks and some updates timeout / fail
I'm not sure about those two but at the very least I'd like to know what could be blocking access to some websites and redirects.
What ports are you using for Unbound and for AdguardHome ? I'd like to understand the flow. Is it LAN client > AdGuard on 53 > Unbound on (port what) ?
So what do you have in AdG upstream servers (ip and port) and bootstrap servers ?
I have Adguard pointing to Unbound as an upstream server on...
192.168.10.1:65353
And Adguard running on port 53 on the same device as opnsense
With that said, I just noticed the Unbound reporting page. Why would it have a top blocked lists using some block list if I don't have it enabled with any block lists?
So additional testing...
1. If I set the DNS ip address 1.1.1.1 on any device, I no longer have this issue
2. I updated the upstream dns server on adguard to "tls://one.one.one.one" and that seems to resolve the issue as well
So it's unbound it looks like and unclear why it's doing any level of blocking if I don't have anything enabled?
Yes seems that way but sorry, can't offer an explanation.
I also have AdGH pointing to Unbound on a custom port like you. I don't see this behaviour but, my DoT is done differently from Unbound out.