Messages

nice yeah i did

https://dnscheck.tools

and thats what got me down this rabbit hole, it was my ISP's DNS even tho i changed my system nameservers to quad9/google/cloudflare

but now its WoodyNet ie quad9 when i set up DoT

do i need to make a fw rule as it says on the page to block outgoing 53 ?

nice, so now im using DoT

before i was using dns settings under system > settings > general

and when i went to

https://ipleak.net/

my dns was coming back as my isp's dns even tho i had it using google, quad9 or cloudflare

since i changed to DoT and refreshing the page my DNS now is google/quad9/cloudflare so all good

has anyone else experienced this

so reading this guide

https://docs.opnsense.org/manual/unbound.html#dns-over-tls

il go here

services > unbound dns > dns over tls - add

fill it in with either cloudflare google or quad9

do i need to do the "advanced configurations"

this is DoT, is "os-dnscrypt-proxy" DoH

what one is better to use?

basically the reason why im asking is because I got from my ISP a block page when trying to access a website

I dont understand why i got a block page from them as im not using my ISP's DNS

under

system > settings > general

im using 8.8.8.8 and  1.1.1.1 and 9.9.9.9

and i have "unticked" both "dns server options"

allow dns server list to be overrridden by dhcp/ppp
do not use the local dns service as a nameserver

on my main pc i have changed my dns ip to that of my opnsense lan ip

hi all,

just want to know whether opnsense supports configuring DoT DNS over TLS or DoH DNS over HTTPS

if so what one should i use for my ISP not to spy on me and see what im doing

thanks,
rob

Bump

hi all,

made a floating rule, so i can block in/out, here it is

https://i.postimg.cc/t4jhdhyB/block-internet.png

i know its disabled atm but it was enabled and it is working ie it blocks ping to 8.8.8.8 and any internet bookmarks i have it just cant gewt to them, times out

i have done invert dest as i still want to access internal websites like opnsense and hosted websites, all works

but when i send myself a teams/outlook on my phone, it comes through to my "rkw_pc" ie the "source" why is this please

thanks,
rob

sorry for the long wait, ive been researching into it, basically in the end i didnt have to mess about with my dhcp options/config as i installed DRBL with dnsmasq and part of dnsmasq is proxy dhcp

https://std.rocks/gnulinux_clonezilla_drbl.html

hi all,

im trying to set up pxe boot for my DRBL server, is this where i do it and what options do i put in please

https://i.postimg.cc/nzF4VFHr/pxeboot.png

heres the link to the DRBL server install, cant see what options i need to put in

https://drbl.org/installation/

thanks,
rob

hi all,

my opnsense just rebooted by itself, how can i look at the logs or web gui into seeing why it happened, happened about 22/03/2025 09:40

thanks,
rob

did what i said and its worked

https://i.postimg.cc/KYFJ7bZc/Screenshot-2025-02-13-092805.png

i found out why

<ifname>AllInt</ifname>
      <members>opt1 enc0 lan opt2 opt3</members>
      <nogroup/>
      <sequence>0</sequence>
      <descr>AllInt</descr>
    </ifgroupentry>
    <ifgroupentry uuid="bf1ef880-0e64-4317-82e1-b842e9418527">
      <ifname>All_Int</ifname>
      <members>lan,opt1,opt2,opt3,opt4</members>

as

opt1 enc0 lan opt2 opt3

should be

opt1,enc0,lan,opt2,opt3,opt4

you think i can just change in the xml and restore the new xml?

can anyone please help me out on this?

ok im on the latest f/w 25.1 and still the same issue, can anyone help please?

hi all,

I have made a firewall group but when i try to add a new interface to my group i cant as when i edit the group its blank, is this a bug, do i need to update my fw?

I attach pic in link

https://i.postimg.cc/Vv8rRnZ1/Screenshot-2025-02-09-031314.png

https://i.postimg.cc/59L8CNKb/Screenshot-2025-02-09-030334.png

thanks,
rob

thanks found it and it is the correct format, thanks for that