Text only | Text with Images

OPNsense Forum

English Forums => 25.7 Series => Topic started by: verasense on August 22, 2025, 01:00:34 AM

Title: Long wait to access router's GUI (DNS issue)
Post by: verasense on August 22, 2025, 01:00:34 AM
I am using version 25.7, but I have had this (likely misconfiguration) problem in older versions.

The main issue is that when I access the router GUI by name from Chrome (https://router.domain) it either times out or takes a very long time to respond (~20-30 secs). However, if I use the IP directly, Opnsense GUI loads immediately. This only happens from the Web browser, from curl it always loads immediately.

My DNS server is configured in the clients via DHCP to point to the router itself. But DNS requests for the router name return all router's IPs (from all VLANs and WAN), as I see from nslookup. I suppose that one of the possible causes for my problem can be that if the DNS response includes first an IP that is not accessible from my computer's VLAN, the computer unsuccessfully tries to connect and waits for the timeout.

I tried to make Opnsense to return its IP according to the VLAN of the requestor. If client is 192.168.0.20, then return 192.168.0.1, if it is in 10.0.0.20, then return 10.0.0.1, and so on. But I did not succeed. The "Host overrides" does not work like this, since I cannot specify specific VLANs for the specific answers.

Using Wireshark I can see that, sometimes, the DNS request asks for router.domain.domain. So sometimes, using https://router.domain. worked immediatelly. BUT sometimes it did not (and that is why I thought of the problem with DNS returning all interfaces' IPs). To avoid this double domain search I tried the "Domain search list" in the interface, unsuccessfully.

I tried some resources (eg. https://homenetworkguy.com/how-to/confused-about-dns-configuration-in-opnsense/) but could not make much sense for my situation.

Is there anything else I can try to configure properly this?  Is it not possible to configure this like I want as I am expected to use different domains for different VLANs to solve these issues?

Thanks
Title: Re: Long wait to access router's GUI (DNS issue)
Post by: verasense on August 22, 2025, 02:40:38 AM
It seems I was right, with Wireshark I can see that the DNS returns several addresses and the browser attempts to access them one by one until one works and displays the login page - herein the long delay. Is there a way to instruct Opnsense to send the specific IP address of the router that is in the same VLAN as the request?
Text only | Text with Images