Messages

Hello,

you have no nameserver for the opnsense itself. If you look into your /etc/resolv.conf you will have the entry "nameserver 127.0.0.1". But your unbound is listening on port 5353. I wonder why you changed the port to this, when adguard is running on a different machine.
To solve it you can:
- change the port of unbound to 53
or
- port forward port 127.0.0.1:53 to 127.0.01:5353 on the Loopback interface.

KH

I change unbound port to 53, and all works.

Thanks @KHE.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

Hello,

I am having a problem updating Opnsense and its plugins, these appear as orphaned.
I think it comes from the DNS configuration.
All DNS traffic is directed to Adguard, on a separate machine, Unbound is configured as upstream DNS in Adguard.
All of my equipments on the LAN have Internet access, but i can't resolve DNS from opnsense itself.

I have configured all of this as follows

1- DHCP configuration



2- Unbound configuration





3- NAT port forwarding



4- General configuration



What i missed?

Thanks

This don't work, so I revert to old IP.
Now I have a new problem, i can't access to system / settings / administration, and only this menu, all other menus works.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

Hi,

After changing lan ip on a fresh install, i'm unable to access gui, but I can ping the new address.
If I revert to old ip, with ssh, it work again.
I have the same problem on another fresh install, both opnsense running on an esxi (two differents servers) .

Thanks.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

No idea ?

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

Hi,

I need to do NAT between one of my LAN and a VPN (NordVpn).

Configuration of OpenVPN client is ok.



I created an interface for VPN



VPN gateway is ok.



I added a FW rule for LAN.



NAT outbound rules are configured like this:



DNS configuration for gateways:



With this configuration, when i try to ping www.google, for example, it doesn't work. Same with apt update on a linux machine in the LAN.



What i missed?

Thanks

I have solved the problem...
Dnswarden project is closed.  :-\

Thanks for help.  ;)

Ikes

Can you disable IPv6 and clear the whole server list ... does this fix it?

It solved the problem.
I will add server and chek.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

This my config for Dnscrypt-proxy.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

My fallback resolver is quad9.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

Can you try to manually add a Server and link in General Tab?

Add a server in server tab ?

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

Yes, I tried to disable dnsbls, but this doesn't work, dnscrypt-proxy don't restart.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

Hi,

Last night, my DNSCrypt-Proxy plugin crashed, with fatal error "no servers configured".
I use OPNsense 20.1.1-amd64
         FreeBSD 11.2-RELEASE-p16-HBSD
         LibreSSL 3.0.2

Code Select Expand

[2020-03-03 19:22:09] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 19:22:05] [FATAL] No servers configured
[2020-03-03 19:22:05] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 19:22:05] [NOTICE] Network connectivity detected
[2020-03-03 19:22:05] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 19:21:14] [FATAL] No servers configured
[2020-03-03 19:21:14] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 19:21:14] [NOTICE] Network connectivity detected
[2020-03-03 19:21:14] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 19:21:08] [FATAL] No servers configured
[2020-03-03 19:21:08] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 19:21:08] [NOTICE] Network connectivity detected
[2020-03-03 19:21:08] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 01:00:04] [FATAL] No servers configured
[2020-03-03 01:00:04] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 01:00:04] [NOTICE] Network connectivity detected
[2020-03-03 01:00:04] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-02 23:12:31] [NOTICE] Server with the lowest initial latency: af-dnswarden-dc1-ecs (rtt: 31ms)
[2020-03-02 23:12:31] [NOTICE] -    35ms af-dnswarden-dc3-ecs
[2020-03-02 23:12:31] [NOTICE] -    34ms af-dnswarden-dc2-ecs

It seem DNSCrypt-Proxy failed after an update of DNSBL lists.

Code Select Expand

2020-03-03T01:00:00 configd.py: [db857a6c-d093-4bd8-b71f-0b6f33dfd55f] Performing remote backup
2020-03-03T01:00:00 configd.py: [eb383832-9ceb-4f29-9c46-ee7c01c9c0fd] fetching DNSBLs and restart


Any solution?

Thanks

Ikes

Hi,

Right now I'm setting up opnsense for my home network and I have questions about DNSSEC and DNSBL management.
I read documentation, tutorials, forums and apparently, there are different solutions:
- unbound + bind,
-unbound + dnscrypt-proxy,
-dnscrypt-proxy standalone,
-unbound + pi hole.

I will also add a VPN to access the internet.

So what is the most effective solution for this need?

Thanks.

Ikes