Messages - braveheart_7

#2
***SOLVED***

Thanks @franco!

I found the problem. I had mis-typed an extra . before the domain name in the static lease. Hope this helps someone else.

#3
Thanks! I ran the command and found:

root@opnsense:~ # configctl unbound check
[1738181712] unbound-checkconf[95842:0] error: error parsing local-data at 10 'truenas..home.arpa IN A 10.10.x.x': Empty label
[1738181712] unbound-checkconf[95842:0] error: Bad local-data RR truenas..home.arpa IN A 10.10.x.x
[1738181712] unbound-checkconf[95842:0] fatal error: failed local-zone, local-data configuration

Now I'm looking for how to correct it.
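
The "Empty label" error above comes from two consecutive dots in the generated name. The following pre-flight check is an added example, not part of the original posts and not OPNsense code; it flags such entries and points at the field to fix. It assumes the name is built as hostname + "." + domain; `name_problems`, `field_hints`, `check_mappings` and the sample rows are constructed for illustration.

```python
MAX_LABEL = 63    # DNS limit per label, in octets
MAX_NAME = 253    # DNS limit for a full name in dotted text form

def name_problems(fqdn):
    """Return structural problems that make fqdn unusable as a DNS owner name."""
    name = fqdn[:-1] if fqdn.endswith(".") else fqdn  # one trailing root dot is legal
    if not name:
        return ["empty name"]
    problems = []
    if len(name) > MAX_NAME:
        problems.append(f"name is {len(name)} chars, limit is {MAX_NAME}")
    for pos, label in enumerate(name.split("."), start=1):
        if label == "":
            problems.append(f"empty label at position {pos}")
        elif len(label.encode()) > MAX_LABEL:
            problems.append(f"label {pos} exceeds {MAX_LABEL} octets")
    return problems

def field_hints(hostname, domain):
    """Point at the form field that carries the stray dot."""
    hints = []
    if hostname.startswith(".") or hostname.endswith("."):
        hints.append("hostname starts or ends with '.'")
    if domain.startswith("."):
        hints.append("domain starts with '.'")
    if ".." in hostname or ".." in domain:
        hints.append("field contains '..'")
    return hints

def check_mappings(mappings):
    """mappings: (hostname, domain, ip) rows. Returns (fqdn, problems, hints) per bad row."""
    bad = []
    for hostname, domain, _ip in mappings:
        fqdn = f"{hostname}.{domain}"   # assumed join rule, see lead-in
        problems = name_problems(fqdn)
        if problems:
            bad.append((fqdn, problems, field_hints(hostname, domain)))
    return bad

# Constructed sample rows; the first reproduces the typo described in the thread.
SAMPLE = [
    ("truenas", ".home.arpa", "10.10.7.7"),
    ("proxmox", "home.arpa", "10.10.7.8"),
    ("nas2.", "home.arpa", "10.10.7.9"),
]

if __name__ == "__main__":
    for fqdn, problems, hints in check_mappings(SAMPLE):
        print(fqdn, problems, hints)
```
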
#4
Hi Experts,
Newbie here.

When setting up Unbound-General settings, if I enable "Register DHCP Static Mappings", Unbound will not start. Again, I'm a newbie. I did try the following commands:

root@opnsense:/usr/local/sbin # pluginctl -s unbound start
Service `unbound' has been started.
root@opnsense:/usr/local/sbin # pluginctl -s unbound status
unbound is not running.

If I uncheck "Register DHCP Static Mappings", Unbound will start back with no issues.


#5
Hi Experts,

Newbie here. Any help is much appreciated. I am unable to resolve fqdn's inside my lan. In this example, I'm trying to ping truenas.home.arpa from my pc which fails.

---Config---
Name: opnsense.home.arpa
Version: OPNsense 24.7.11_2-amd64
Router IP: 10.10.7.1/24
Unbound is enabled
Unbound DNS: DNS over TLS: 9.9.9.9

Win10 PC: Dynamic DHCP

truenas.home.arpa: 10.10.7.7
-------------


Successfully flushed the DNS Resolver Cache.

C:\Users\xxxx>ping 10.10.7.7

Pinging 10.10.7.7 with 32 bytes of data:
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64

Ping statistics for 10.10.7.7:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Users\xxxx>ping -a 10.10.7.7

Pinging TRUENAS [10.10.7.7] with 32 bytes of data:
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64
Reply from 10.10.7.7: bytes=32 time<1ms TTL=64

Ping statistics for 10.10.7.7:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Users\xxxx>ping truenas.home.arpa
Ping request could not find host truenas.home.arpa. Please check the name and try again.

C:\Users\xxxx>ping dns.quad9.net

Pinging dns.quad9.net [9.9.9.9] with 32 bytes of data:
Reply from 9.9.9.9: bytes=32 time=43ms TTL=50
Reply from 9.9.9.9: bytes=32 time=42ms TTL=50
Reply from 9.9.9.9: bytes=32 time=50ms TTL=50
Reply from 9.9.9.9: bytes=32 time=43ms TTL=50

Ping statistics for 9.9.9.9:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 42ms, Maximum = 50ms, Average = 44ms


C:\Users\xxxx>nslookup 10.10.7.7
Server:  opnsense.home.arpa
Address:  10.10.7.1

*** opnsense.home.arpa can't find 10.10.7.7: Non-existent domain

C:\Users\xxxx>nslookup truenas
Server:  opnsense.home.arpa
Address:  10.10.7.1

*** opnsense.home.arpa can't find truenas: Non-existent domain

C:\Users\xxxx>nslookup truenas.home.arpa
Server:  opnsense.home.arpa
Address:  10.10.7.1

*** opnsense.home.arpa can't find truenas.home.arpa: Non-existent domain
#6
Donated!
#7
Mods: Please forgive if not allowed. I did try to search for any rules against this.

Hi Experts,

(This is for Home Use Only. And I will pay $ for this.) I am somewhat new to OPNsense. Previously, I have used routers that I flashed with Tomato. I have decided not to use xxsense as I don't like the bad deeds committed in the past against OPNsense. And, I like the features and layout of OPNsense better. I have built my own OPNsense router based on an HP commercial desktop with Intel nics. I am capable of a basic config in OPNsense. But I need additional help remotely. I'd like to hire someone who can work with me in a Jitsi session.

Desires:
1 - I'm thinking of staying away from any of the additional plugins that are not supported unless someone makes a strong case to me. I tried setting up the AdGuard plugin which worked nicely. However, I got into trouble when I tried to implement ZenArmor which uses ElasticSearch.
2 - I would like strong security and privacy configured. This is my #1 goal. I'm thinking of certificates, firewall config, IDS, DNS configured for privacy, other options?
3 - (I know this contradicts item number 2.) I'd also like a setup that allows me to host some of my own services possibly.
4 - VPN client and server functionality.
5 - Vlans
There may be additional items once we talk.

That's all I can think of for now. Your expert help would be very much appreciated.

Thanks!
#8
Thanks! I knew it had to be something simple I missed. I located the place and created the static entry.
#9
Hello Experts!

OPNsense newbie coming from Tomato. (Even though I am in the US, I skipped pfs---- because of the domain squatting issue. )

I'm running OPNsense 22.1.6-amd64. Nics are all Intel. In the past, with Tomato, I would create a small DHCP range like 192.168.1.150-192.168.1.200. Then, I would set my static DHCP addresses using the 192.168.1.5-192.168.1.149 which is outside the DHCP range. I am also doing that in OPNsense. In Tomato, I would not have the issue below...

Problem: I have a Proxmox (physical) server which was setup with 192.168.1.10 and a TrueNas (physical) server with an ip of 192.168.1.11. These were assigned manually during the setup of Proxmox and TrueNas. When I go to Services-->DHCPv4-->Leases, I do not see these devices. Nor can I use the search and find these devices by their manually assigned IP's. I understand if they don't show on this page as logic dictates that I might only see true, DHCP leases from my 192.168.1.150-200 range. However, I can't see those servers anywhere in OPNsense. I must be missing something obvious here. Can anyone assist?

Thanks!