Topics - jaullo

#1
Hi all, recently we updated our pair of OPNsense firewalls to 24.7.9_1. After updating, our VMs fail to establish connections on port 80, so we cannot download Linux updates or navigate pages on HTTP. But if we use HTTPS, the VMs work as expected.

We have floating rules for ports 80, 443 and DNS applied. Also, if we do a dig from the VM that is not able to connect on port 80, our DNS responds OK, but the connection is not established.

We use high availability, so we have a Firewall: NAT: Outbound rule pointing to our virtual IP that accepts any source (for testing).

We have also tested pointing the VM gateway to another one outside of OPNsense and everything works. So it appears not to be a DNS server problem.

Finally, we installed a new OPNsense VM and just set up LAN, WAN, and internet rules, updated to latest, pointed our VM to this new firewall and the same thing occurs.

Any idea or help will be appreciated.

P.S.:
Sorry for any mistakes in my writing

#2
Hi, I have OPNsense 23 installed, no problem until today. But after upgrading to 24.1, DNS stops working; as an example, ping to 8.8.8.8 works but ping to www.google.com fails.

Also I get: pkg repository opnsense has a wrong packagesite need to re-create database

Any ideas?

Best Regards
#3
General Discussion / OpenVPN: Client Specific Overrides
January 22, 2021, 01:24:23 AM
Hello,

I have an OPNsense 20.7.8-amd64 setup. I'm trying to make a Client Specific Override for OpenVPN, but there is no way to save the config due to the following error:

The field 'IPv4 Local Network' must contain only valid ipv4 CIDR range(s) separated by commas.

I have tested it with 10.0.0.0/24 172.31.52.0/24 172.31.52.160/27

Am I doing something wrong or is there a bug?

Thanks
#4
20.7 Legacy Series / Optional Interface Blocks HTTP/HTTP
December 18, 2020, 08:38:06 PM
Hi all,

I have my OPNsense with an optional interface on VLAN 138 and LAN on VLAN 124. For the optional interface we configured the IP address 192.168.1.2.

For testing, we installed a Windows Server 2016 VM and attached it to the same VLAN (138) and set the gateway to 192.168.1.2 and DNS to the same address (192.168.1.2). Also, on this server an application is running on ports 80 and 443.

But the problem is that we are not able to make that application available to users because our firewall is blocking that traffic based on the "default deny rule". I can't understand why this happens, because for testing we have an allow-all rule for this interface (ping, SSH, DNS, internet, etc. are working).


192.168.1.131:443   192.168.1.135:50605   tcp   Default deny rule

Our rule (in)

IPv4 *   *   *   *   *   *   *   

Any idea?

Thanks

#5
Hello,

I'm new to OPNsense and I would like to know if there is a way to allow my servers to query my LAN enterprise DNS.
This is what I have made for now:

Config a:
Unbound DNS: ENABLE
Network interfaces: all
Wan interfaces all:
DNS Query Forwarding : on
Inside system, settings I have two DNS: 8.8.8.8 for Google and 10.129.20.X for my LAN

Result: I can navigate through the internet but I cannot access my LAN DNS names, example: https://srv-sate.domain.com

Config b
Unbound DNS: ENABLE
Network interfaces: all
Wan interfaces all:
Custom options with:
server:
forward-zone:
    name: "."
    forward-ssl-upstream: yes
    forward-addr: 1.1.1.1@853   #CloudFlare
    forward-addr: 1.0.0.1@853   #CloudFlare
    forward-addr: 9.9.9.9@853   #Quad9
    forward-addr: 149.112.112.112@853   #Quad9
    forward-addr: 185.228.168.168@853   #CleanBrowsing
    forward-addr: 185.228.169.168@853   #CleanBrowsing
    forward-addr: 8.8.8.8@853   #Google
    forward-addr: 8.8.4.4@853   #Google
    forward-addr: 80.80.80.80@853   #Frenom
    forward-addr: 80.80.81.81@853   #Frenom
    forward-addr: 10.129.20.x@853    #Internal
    forward-addr: 10.3.104.x@853   #Internal

Result: I can navigate through the internet but I cannot access my LAN DNS names, example: https://srv-sate.domain.com

If I go to interfaces --> Diagnostics --> DNS LOOKUP and test https://srv-sate.domain.com
I got a response from my local LAN server 10.129.20.x

Type   Address
A   172.31.40.x

Any idea what I'm doing wrong or what else I need to make it work?

Thanks
#6
Hello everyone,
I'm new to OPNsense and I'm having trouble getting the machines on my LAN to reach the internet. My current configuration is:

Wan: 200.0.0.2 (this IP is just for reference, but my real IP is public)
LAN: 172.100.1.200
GW: 200.0.0.1

Firewall:
LAN: IPv4 pass from any to any

DNS
8.8.8.8

If I run a DNS Lookup test for google.com, it succeeds
If I ping my LAN IP, GW and WAN from the PC on my LAN, it succeeds
If I ping 8.8.8.8 from the PC on my LAN, it succeeds
If I ping google.com from the PC on my LAN, it fails

My LAN interface has no GW
NAT Outbound is configured in automatic mode

Any idea what I'm doing wrong or what I should correct to make it work?