Messages

1

21.1 Legacy Series / Re: No access to update / plugins orphaned, DNS misconfiguration?

« on: May 06, 2021, 09:26:22 pm »

Hello,

you have no nameserver for the opnsense itself. If you look into your /etc/resolv.conf you will have the entry "nameserver 127.0.0.1". But your unbound is listening on port 5353. I wonder why you changed the port to this, when adguard is running on a different machine.
To solve it you can:
- change the port of unbound to 53
or
- port forward port 127.0.0.1:53 to 127.0.01:5353 on the Loopback interface.

KH

I change unbound port to 53, and all works.

Thanks @KHE.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

2

21.1 Legacy Series / [Solved] No access to update / plugins orphaned, DNS misconfiguration?

« on: May 06, 2021, 08:41:47 am »

Hello,

I am having a problem updating Opnsense and its plugins, these appear as orphaned.
I think it comes from the DNS configuration.
All DNS traffic is directed to Adguard, on a separate machine, Unbound is configured as upstream DNS in Adguard.
All of my equipments on the LAN have Internet access, but i can't resolve DNS from opnsense itself.

I have configured all of this as follows

1- DHCP configuration



2- Unbound configuration





3- NAT port forwarding



4- General configuration



What i missed?

Thanks

3

21.1 Legacy Series / Re: Unable to access gui after lan ip change.

« on: April 27, 2021, 09:34:56 pm »

This don't work, so I revert to old IP.
Now I have a new problem, i can't access to system / settings / administration, and only this menu, all other menus works.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

4

21.1 Legacy Series / Unable to access gui after lan ip change.

« on: April 26, 2021, 10:52:36 pm »

Hi,

After changing lan ip on a fresh install, i'm unable to access gui, but I can ping the new address.
If I revert to old ip, with ssh, it work again.
I have the same problem on another fresh install, both opnsense running on an esxi (two differents servers) .

Thanks.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

5

20.1 Legacy Series / Re: NAT one LAN to VPN, DNS problems

« on: June 27, 2020, 03:03:47 pm »

No idea ?

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

6

20.1 Legacy Series / NAT one LAN to VPN, DNS problems

« on: June 26, 2020, 10:04:12 pm »

Hi,

I need to do NAT between one of my LAN and a VPN (NordVpn).

Configuration of OpenVPN client is ok.



I created an interface for VPN



VPN gateway is ok.



I added a FW rule for LAN.



NAT outbound rules are configured like this:



DNS configuration for gateways:



With this configuration, when i try to ping www.google, for example, it doesn't work. Same with apt update on a linux machine in the LAN.



What i missed?

Thanks

7

20.1 Legacy Series / Re: DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 04, 2020, 07:34:04 pm »

I have solved the problem...
Dnswarden project is closed. 

Thanks for help. 

Ikes

8

20.1 Legacy Series / Re: DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 04, 2020, 03:35:32 pm »

Can you disable IPv6 and clear the whole server list ... does this fix it?

It solved the problem.
I will add server and chek.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

9

20.1 Legacy Series / Re: DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 04, 2020, 03:07:43 pm »

This my config for Dnscrypt-proxy.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

10

20.1 Legacy Series / Re: DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 04, 2020, 02:27:32 pm »

My fallback resolver is quad9.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

11

20.1 Legacy Series / Re: DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 04, 2020, 01:06:56 pm »

Can you try to manually add a Server and link in General Tab?

Add a server in server tab ?

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

12

20.1 Legacy Series / Re: DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 04, 2020, 07:13:47 am »

Yes, I tried to disable dnsbls, but this doesn't work, dnscrypt-proxy don't restart.

Envoyé de mon ONEPLUS A6003 en utilisant Tapatalk

13

20.1 Legacy Series / [SOLVED] DNSCrypt-Proxy crashed with error "no servers configured"

« on: March 03, 2020, 09:22:51 pm »

Hi,

Last night, my DNSCrypt-Proxy plugin crashed, with fatal error "no servers configured".
I use OPNsense 20.1.1-amd64
         FreeBSD 11.2-RELEASE-p16-HBSD
         LibreSSL 3.0.2

Code: [Select]

[2020-03-03 19:22:09] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 19:22:05] [FATAL] No servers configured
[2020-03-03 19:22:05] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 19:22:05] [NOTICE] Network connectivity detected
[2020-03-03 19:22:05] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 19:21:14] [FATAL] No servers configured
[2020-03-03 19:21:14] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 19:21:14] [NOTICE] Network connectivity detected
[2020-03-03 19:21:14] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 19:21:08] [FATAL] No servers configured
[2020-03-03 19:21:08] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 19:21:08] [NOTICE] Network connectivity detected
[2020-03-03 19:21:08] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-03 01:00:04] [FATAL] No servers configured
[2020-03-03 01:00:04] [NOTICE] Source [public-resolvers] loaded
[2020-03-03 01:00:04] [NOTICE] Network connectivity detected
[2020-03-03 01:00:04] [NOTICE] dnscrypt-proxy 2.0.39
[2020-03-02 23:12:31] [NOTICE] Server with the lowest initial latency: af-dnswarden-dc1-ecs (rtt: 31ms)
[2020-03-02 23:12:31] [NOTICE] -    35ms af-dnswarden-dc3-ecs
[2020-03-02 23:12:31] [NOTICE] -    34ms af-dnswarden-dc2-ecs
It seem DNSCrypt-Proxy failed after an update of DNSBL lists.

Code: [Select]

2020-03-03T01:00:00 configd.py: [db857a6c-d093-4bd8-b71f-0b6f33dfd55f] Performing remote backup
2020-03-03T01:00:00 configd.py: [eb383832-9ceb-4f29-9c46-ee7c01c9c0fd] fetching DNSBLs and restart

Any solution?

Thanks

Ikes

14

General Discussion / 'Best' solution for DNSSEC + DNSBL for home network

« on: May 30, 2019, 11:17:47 am »

Hi,

Right now I’m setting up opnsense for my home network and I have questions about DNSSEC and DNSBL management.
I read documentation, tutorials, forums and apparently, there are different solutions:
- unbound + bind,
-unbound + dnscrypt-proxy,
-dnscrypt-proxy standalone,
-unbound + pi hole.

I will also add a VPN to access the internet.

So what is the most effective solution for this need?

Thanks.

Ikes