OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: knossos on May 11, 2020, 12:19:41 pm

Title: Unbound DNS returns IP addresses for all local VLAN interfaces
Post by: knossos on May 11, 2020, 12:19:41 pm
Hi,

I have configured OPNsense with several VLAN interfaces as well as unbound DNS. While in general it is working just fine, my problem is that for the local system name, UnboundDNS returns the IP addresses of all interfaces (i.e. including VLAN interfaces). Instead, I would like it to return only the single IP address the web interface is listening on.
Thus if a user enters https://firewall_hostname into the browser, the name should resolve to the one IP address where the OPNsense webserver is listening. At the moment, accessing https://firewall_hostname does not work as the UnboundDNS resolves this address to many IP addresses. The browser takes the first one, which is the interface address of a VLAN where there is no webserver listening. As a result, the firewall can be accessed only by directly using the IP address instead: http://<FW IP>


UnboundDNS is set up the following way:
Network Interfaces: <all interfaces, so that it can respond to queries on all interfaces>
DNS Query Forwarding: not enabled
Local Zone Type: transparent

custom options:
------------------------------------------
server:

forward-zone:
    name: "."
    forward-ssl-upstream: yes
    forward-addr: <ext Server>
------------------------------------------


In the UnboundDNS override configuration, I added an overwrite for firewall_hostname so that it resolves to a single IP address only. However, the override does not appear to be working.


How can I set up UnboundDNS so that for the name firewall_hostname it only returns the IP address of the interface where the web console is running instead of returning the IP addresses of all interfaces?

Thank you!