Messages - trailgolfnet99

#1
What are you trying to achieve? I'm a newbie to OPNsense myself, but I've been running WireGuard for a long time now (>3 years). Do you want authentication or a webserver with Caddy? Or something else?
#2
I only have one question about the tutorial: the 3rd rule mentions the unexpected source errors on certain devices and gives this setting (Network for the outbound NAT mapping) as a solution, but it only says "your internal LAN network". What is he referring to? 192.168.1.0, or 192.168.1.1 for the default gateway? I know this is not the appropriate place to ask this question, but the OP doesn't want to answer this question. This is the link again if somebody here knows the answer (https://labzilla.io/blog/force-dns-pihole)
#3
In the meantime I found this website (https://labzilla.io/blog/force-dns-pihole) claiming to do exactly what I want, but it's for pfSense, and the naming is a bit different. Are these features present in OPNsense? If so, how do they differ from pfSense?
#4
Thanks for the quick response! I hadn't found this tutorial before! Also, what about the DoT/DoH blocking? I find that newer phones now enable Google DoH by default on Android.
#5
General Discussion / Pi-hole with a combination of things
December 17, 2022, 04:23:01 PM
Hi, I'm new to the whole OPNsense forum and also to firewalls. I'm currently running Pi-hole on a Raspberry, but without Unbound. I would like to use Pi-hole with its feature to see who requested what domain, because it will be easier for me to block certain domains this way. My OPNsense is a custom x86/64-based system with a dual-port Intel NIC. I was looking at solutions on different websites, but my main concern was that I won't be able to see the IP/MAC address of the device that requested it, only the firewall's (OPNsense) IP address, which isn't ideal for me. I would also like to block any other traffic to hardcoded DNS servers on unsafe devices, so nothing is getting around the Pi-hole. Also, is there a way to block or force DoT/DoH to go through port 53 to my Pi-hole? Any help would mean a lot to me, since I won't be able to deploy the new system until I figure this thing out, because my current setup is working with Pi-hole (I want to minimize the level of tracking inside the network).