OPNsense Forum

English Forums => General Discussion => Topic started by: 424778940 on May 08, 2023, 02:31:50 pm

Title: [solved] How to let OPNsense's dns server use a dns server on lan?
Post by: 424778940 on May 08, 2023, 02:31:50 pm
Never mind, I fixed the issue.

My issue is:
I cannot contact external DNS servers directly; it has to be through a proxy.
The DNS proxy server is on my LAN network, but OPNsense seems to only fetch DNS through the "gateway", which is WAN only.
The DNS proxy has its own set of trusted DNS server IP addresses and does not rely on any other DNS.

What I have tried:
In System: Settings: General, removed all DNS servers and unchecked "Allow DNS server list to be overridden by DHCP/PPP on WAN".
In Unbound settings, set "Network Interfaces" and "Outgoing Network Interfaces" both to LAN, and manually added my DNS proxy server in Query Forwarding.

Code:
# resolve from OPNsense
% nslookup google.com 192.168.5.1
Server: 192.168.5.1
Address: 192.168.5.1#53

** server can't find google.com: SERVFAIL

# resolve from DNS proxy server
% nslookup google.com 192.168.5.220
Server: 192.168.5.220
Address: 192.168.5.220#53

Non-authoritative answer:
Name: google.com
Address: 172.217.194.101

To be clear, this question is NOT about:
1. Letting LAN DHCP clients use the internal DNS server. I still want OPNsense as the main DNS server, with the OPNsense DNS then fetching from the DNS proxy server on LAN.
2. Forcing all users to use a specified DNS server by firewall rule (aka force-redirecting all DNS traffic).