OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: luis on March 14, 2019, 10:49:50 am

Title: local dns - remote access - broken iso images
Post by: luis on March 14, 2019, 10:49:50 am
Hi.

I'm running the latest 18 version on APU4C4 hardware. This version was installed initially, when I set up the hardware.
First I configured it via the wizard with a static public IP address on WAN and a class C network on LAN. After finishing the wizard I configured the DHCPv4 service for the LAN with the local IP address of the OPNsense for DNS. The OPNsense didn't answer DNS requests from the clients, even though the default allow rule on LAN existed. I also tried to set an explicit allow rule for the local DNS service, but that didn't help. When I changed the DNS settings in the DHCP service to public DNS, the clients in the LAN were working.
I tried a lot of combinations in the general settings, with and without Unbound etc., and made reboots between changes; none of them solved the name resolution problem.
Next I enabled SSH, logged in and saw that the system also isn't able to resolve hosts locally. Again I tried the different DNS-related settings and checked /etc/resolv.conf in order to get an idea of what is happening. But I always got this when I tried to resolve external hosts via the shell:

Code:
;; connection timed out; no servers could be reached

1st question: Where do I find documentation that explains a best practice to configure DNS on OPNsense?

As this is a simple setup for a small office with a few people, I kept the public DNS in the DHCPv4 settings and let it run. In order to troubleshoot the DNS problem remotely, I changed the webadmin port to 4444 and enabled the service on WAN. I did the same for SSH. Because I wasn't able to access the webadmin and SSH remotely, I set up rules on WAN like I need with pfSense. But this didn't work either. I can see the incoming packets passed in the logfile and tcpdump, but they stay unanswered.

2nd question: Where do I find documentation that explains a best practice to configure remote access to OPNsense webadmin and SSH?

I have some dozens of pfSense out there, but I assumed that I'm still not experienced enough to do a proper setup with OPNsense. So I decided to set up a VM with OPNsense. I downloaded the 19.1 ISO images from three different mirrors. All three compressed images were broken. All three have wrong md5sums.

3rd question: Where do I get a working ISO image to set up a training VM?

Kind Regards
Luis

Title: Re: local dns - remote access - broken iso images
Post by: franco on March 14, 2019, 10:59:34 am
First things first, we don't offer MD5 sums anymore since at least 18.1. How are you verifying? oO


Cheers,
Franco
Title: Re: local dns - remote access - broken iso images
Post by: luis on March 14, 2019, 01:25:51 pm
I overlooked sha256.
And the images weren't broken. Nautilus somehow has a problem with the files.

Sorry.
Title: Re: local dns - remote access - broken iso images
Post by: luis on March 28, 2019, 08:56:15 am
@Franco

Can you give me a hint on how to get at least local name resolution running and how to access webadmin and SSH remotely?

Cheers,
Luis
Title: Re: local dns - remote access - broken iso images
Post by: franco on March 28, 2019, 11:07:53 pm
Hi Luis,

You need to be more specific. GUI / SSH Access from WAN? Is your WAN a private address range?

Local resolution should work by default. It kind of sounds like you have WAN and LAN reversed.


Cheers,
Franco
Title: Re: local dns - remote access - broken iso images
Post by: luis on April 03, 2019, 11:20:26 am
Hi.

I used the wizard and assigned the default interfaces to LAN and WAN.
WAN was configured with static public IP addresses.

I'll start a second installation with the newest version on another SD card just to verify that it isn't caused by a defective base installation.

rgds
Luis

Title: Re: local dns - remote access - broken iso images
Post by: franco on April 03, 2019, 03:51:22 pm
Hi Luis,

If you have static WAN don't forget to set up a gateway. Otherwise nothing works.


Cheers,
Franco