23.7 Legacy Series / Unbound DNS Query Forwarding not working as expected
« on: August 31, 2023, 09:23:24 pm »
I've got Unbound DNS set up with queries going out with DNS over TLS. Those all work fine. I've now got a VPN connection enabled on OPNSense and I'm trying to forward queries for that domain over that connection to the DNS server on that end.
I have Query Forwarding set up as in the attachment.
When I do a normal query for a host on that domain, I get the following:
Code:
root@OPNsense:~ # host -vv HOST_NAME.DOMAIN_NAME
Trying "HOST_NAME.DOMAIN_NAME"
;; connection timed out; no servers could be reached
When I tell the query to use the upstream DNS server explicitly, it works:
Code:
root@OPNsense:~ # host -vv HOST_NAME.DOMAIN_NAME 10.30.50.50
Trying "HOST_NAME.DOMAIN_NAME"
Using domain server:
Name: 10.30.50.50
Address: 10.30.50.50#53
Aliases:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38670
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME. IN A
;; ANSWER SECTION:
HOST_NAME.DOMAIN_NAME. 1200 IN A 10.30.50.119
Received 61 bytes from 10.30.50.50#53 in 32 ms
Trying "HOST_NAME.DOMAIN_NAME"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26674
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME. IN AAAA
;; AUTHORITY SECTION:
DOMAIN_NAME. 3600 IN SOA DNS_SERVER.DOMAIN_NAME. hostmaster.DOMAIN_NAME. 13379 900 600 86400 3600
Received 102 bytes from 10.30.50.50#53 in 30 ms
Trying "HOST_NAME.DOMAIN_NAME"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 530
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME. IN MX
;; AUTHORITY SECTION:
DOMAIN_NAME. 3600 IN SOA DNS_SERVER.DOMAIN_NAME. hostmaster.DOMAIN_NAME. 13379 900 600 86400 3600
Received 102 bytes from 10.30.50.50#53 in 30 ms
Anyone have any idea why this is happening?
Virtual private networks / Re: Site-to-Site OpenVPN not working from outside OPNSense
« on: August 17, 2023, 06:09:51 pm »
Quote:
A return route on the far end
That was pretty much it. The host network on the far end had the return route, but the VPN configuration on that end didn't have the local network in there.
Added that and now it's all working perfectly.
Thanks!
Virtual private networks / Site-to-Site OpenVPN not working from outside OPNSense
« on: August 16, 2023, 11:28:05 pm »
I've set up a Site-to-Site OpenVPN configuration on 23.7 using the new instances following the steps at:
https://docs.opnsense.org/manual/how-tos/sslvpn_instance_s2s.html
It's connecting to an OpenVPN Access Server, not another OPNSense instance, but that shouldn't matter.
The connection comes up fine, and from the OPNSense router itself, I can access everything just fine. But from all computers in my local LAN, I can't access anything. With a ping, firewall logs show a packet going out, but nothing coming back - either blocked or allowed.
Any thoughts on what I am missing?