Messages - stuffu

#1
General Discussion / Re: Option to Opnsense?
August 28, 2024, 11:38:25 AM
Hmm it might be the wrong choice then, thanks for all input!

Keeping software up to date is crucial, but that's another thing I'm stuck in a loop with. I probably have "keep things updated ocd" and spend way too much time updating or checking updates and it's not always the best option to be on the bleeding edge... but can't help myself  ;D
#2
General Discussion / Re: Option to Opnsense?
August 23, 2024, 10:17:34 AM
Thanks for the heads up, navigating the interface should not be a problem. What I never could get around with opnsense is how different settings relate to each other, making no sense to me  :)
#3
General Discussion / Option to Opnsense?
August 23, 2024, 09:11:39 AM
First, I have to say that I really like Opnsense and I have been using it for a few years now. I love the tinkering and figuring things out and since 24.7 it is also a lot nicer to work with as well.

However, I still feel that I lack knowledge to use Opnsense as intended and I am considering a switch. I realise this maybe isn't the best forum to discuss a switch from Opnsense but I will give it a try.

Would a Unifi cloud gateway ultra be an option for me as an intermediate user? My setup is that I have some Unifi APs that work really well.

Happy to hear pros and cons and I want to point out again that it's not about Opnsense as a product, it's about my lack of knowledge that has triggered this thought.
#4
When trying to resolve it today, I noticed there was a crash, probably causing the WAN connection to drop. Up and running again!
#5
My opnsense has been rock solid for a very long time, now suddenly I can't access wan. No changes have been made for a long time and ping gives no response.

Tried restarting opnsense but nothing, running 24.1.9_4.

Wan seems to be working otherwise.

What can I do to troubleshoot?

edit: found an old router and replaced opnsense, working. I can't understand why it suddenly stopped and won't connect again.
#6
Hmm but to get a global setting that all devices are filtered through adguard, I don't need to specify them there? I use static dhcp as a workaround and don't really need static addresses on most devices.

Edit: Ok, understood and checked yaml, it points to opnsense ip, which I added in DHCP settings as well. Still no change.
#7
Until a few months back, I had a fully working setup with unbound and adguard home, until something happened (my guess is that an update broke something).

Short story is that devices within the DHCP range are not affected by blocked client services, not by ip and not by MAC.

If I add the device to a static DHCP outside of the DHCP range, it works. I have also checked which DNS server is used and the clients are shown using cloudflare, which is set up in opnsense and not in adguard.

Also, no clients have ad filtering applied (at least not that I can see the effect of).

adguard:

Upstream DNS
192.168.1.1:8053

Bootstrap DNS servers
192.168.1.1:8053

Private reverse DNS servers
192.168.1.1:8053

opnsense
Settings > General (checked)
Prefer IPv4 over IPv6
Allow DNS server list to be overridden by DHCP/PPP on WAN

unbound > general (checked)
enabled
listen port: 8053
DNSSEC support
Register ISC DHCP4 Leases
Register ISC DHCP Static Mappings
Flush DNS Cache during reload

unbound > DNS over TLS
ip 1.1.1.1
port 853
Verify CN cloudflare-dns.com

ISC DHCPv4
DNS entries empty

I think that's it.

Anything I have overlooked/misunderstood?
#8
I'll try to ask in the large adguard setup thread instead.
#9
Hi,

Thanks for replying, using unbound and adguard points to opnsense, I only have 1.1.1.1 and 8.8.8.8 as fallback.

I just realized when checking just now, my primary dns (cloudflare) setting is somehow gone and I'm using the default ISP dns. Was there a change that reset DNS with an update maybe?
#10
Not sure if this applies to opnsense, adguard or mimugmail, trying to narrow it down.

The devices that are within the DHCP range are not working with adguard settings. For instance, if I have a service blocked, or ad filtering for a device, these are not applied if the device is within the DHCP range.

No matter if I set a static DHCP within the range, or filter client based on MAC address, nothing happens.

If I set a static DHCP outside of the DHCP range, all works as intended.

DHCP range is .100-.199

If I for instance set a static address to .55 all is good.

Any ideas? Running 24.1.7_4 and it has been like this for a while, maybe it changed a while back. If I remember correctly, there was an update to mimugmail's adguard (current version), adguard itself and opnsense a few months back that broke something but I can't figure which and what.

Can someone help me narrow it down?
#11
Quote from: senseuser on September 15, 2023, 11:24:26 AM
Everything is blocked perfectly in AdGuard Home. You can set different locks for different clients.

Had only seen the global settings before, this did the trick! Big thanks!
#12
Thanks! Will look into it!
#13
I have thought of AdGuard but I don't think you can limit access on device level?
#14
Thanks, but my router can't handle Zenarmor unfortunately. I can't find the post now, I'm pretty sure I read a post a while back where someone blocked YouTube and subdomains using a rule. I could be wrong but any advice appreciated!
#15
I read into the alias part https://docs.opnsense.org/manual/aliases.html but I don't understand how to assign specific IPs to the alias.

I have two devices with static IP addresses and I want to block YouTube on those devices.

Can someone explain how to achieve that? My kids watch YouTube for approx 36 hours/day...  ;D