Messages - BShoppy

#2
I've got Unbound DNS set up with queries going out with DNS over TLS. Those all work fine. I've now got a VPN connection enabled on OPNSense and I'm trying to forward queries for that domain over that connection to the DNS server on that end.

I have Query Forwarding set up as in the attachment.

When I do a normal query for a host on that domain, I get the following:

root@OPNsense:~ # host -vv HOST_NAME.DOMAIN_NAME
Trying "HOST_NAME.DOMAIN_NAME"
;; connection timed out; no servers could be reached


When I tell the query to use the upstream DNS server explicitly, it works:
root@OPNsense:~ # host -vv HOST_NAME.DOMAIN_NAME 10.30.50.50
Trying "HOST_NAME.DOMAIN_NAME"
Using domain server:
Name: 10.30.50.50
Address: 10.30.50.50#53
Aliases:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38670
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME.   IN      A

;; ANSWER SECTION:
HOST_NAME.DOMAIN_NAME. 1200 IN    A       10.30.50.119

Received 61 bytes from 10.30.50.50#53 in 32 ms
Trying "HOST_NAME.DOMAIN_NAME"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26674
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME.   IN      AAAA

;; AUTHORITY SECTION:
DOMAIN_NAME.      3600    IN      SOA     DNS_SERVER.DOMAIN_NAME. hostmaster.DOMAIN_NAME. 13379 900 600 86400 3600

Received 102 bytes from 10.30.50.50#53 in 30 ms
Trying "HOST_NAME.DOMAIN_NAME"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 530
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;HOST_NAME.DOMAIN_NAME.   IN      MX

;; AUTHORITY SECTION:
DOMAIN_NAME.      3600    IN      SOA     DNS_SERVER.DOMAIN_NAME. hostmaster.DOMAIN_NAME. 13379 900 600 86400 3600

Received 102 bytes from 10.30.50.50#53 in 30 ms


Anyone have any idea why this is happening?
#3
Quote: A return route on the far end :)

That was pretty much it. The host network on the far end had the return route, but the VPN configuration on that end didn't have the local network in there :-[

Added that and now it's all working perfectly.

Thanks!
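The failure mode resolved above is asymmetric routing: the query reaches the far-end DNS server through the tunnel whatever its source address, but the far end's reply follows the far end's own routing table, and if that table has no tunnel route for the source network the reply leaks out the default route and the client sees a timeout. The following is an added example, not code from the thread or from OPNsense/Unbound, that models that check as a longest-prefix-match lookup over a constructed far-end routing table. Only 10.30.50.50 (the far-end DNS server) comes from the post; the tunnel transit network 10.8.0.0/24, the near-side LAN 192.168.1.0/24, the interface names and both source addresses are assumptions. The same check applies to any source network that has to traverse the tunnel, such as a LAN behind the firewall, not just Unbound's outgoing address.

```python
"""Model of the return-route check behind the fix in the post above.

Added example, not code from the forum thread or from OPNsense/Unbound.
All addresses, interface names and routing tables are constructed for
illustration; only 10.30.50.50 (the far-end DNS server) is from the post.
"""
import ipaddress
from typing import Optional

# A far-end routing table: list of (destination prefix, egress interface).
# Longest-prefix match decides where the far end sends the DNS reply.
FarRoutes = list[tuple[str, str]]

# Far-end table as assumed before the fix: the VPN server knows the tunnel
# transit network but not the near-side LAN.
FAR_END_BEFORE: FarRoutes = [
    ("0.0.0.0/0", "wan"),          # default route
    ("10.30.50.0/24", "lan"),      # far-end LAN holding the DNS server 10.30.50.50
    ("10.8.0.0/24", "tun0"),       # tunnel transit network (assumed)
]

# After the fix: the near-side LAN (assumed 192.168.1.0/24) is added to the
# far end's VPN config, so replies to it are routed back into the tunnel.
FAR_END_AFTER: FarRoutes = FAR_END_BEFORE + [("192.168.1.0/24", "tun0")]


def lookup(routes: FarRoutes, dst: str) -> Optional[str]:
    """Longest-prefix match of dst against the table; None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    best, best_len = None, -1
    for prefix, via in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and net.prefixlen > best_len:
            best, best_len = via, net.prefixlen
    return best


def reply_returns_via_tunnel(routes: FarRoutes, query_src: str,
                             tunnel_if: str = "tun0") -> bool:
    """True when the far end's reply to a query from query_src goes back into the tunnel.

    The query itself arrives through the tunnel regardless of its source
    address; the asymmetric-routing failure is entirely on the reply path.
    """
    return lookup(routes, query_src) == tunnel_if


def diagnose(routes: FarRoutes, sources: dict) -> dict:
    """Classify each label -> source address the way the two 'host' runs differed."""
    result = {}
    for label, src in sources.items():
        via = lookup(routes, src)
        if via == "tun0":
            result[label] = "answer returns (reply routed via tunnel)"
        elif via is None:
            result[label] = "timeout (far end has no route for the reply)"
        else:
            result[label] = f"timeout (reply leaks out via {via})"
    return result


# Two query sources, both assumed: the firewall's own tunnel address, as used by
# the direct 'host ... 10.30.50.50' run, and the LAN-side address that forwarded
# Unbound queries leave from.
SOURCES = {
    "direct from tunnel addr": "10.8.0.2",
    "unbound from LAN addr": "192.168.1.1",
}

if __name__ == "__main__":
    for name, table in (("before fix", FAR_END_BEFORE), ("after fix", FAR_END_AFTER)):
        print(name)
        for label, verdict in diagnose(table, SOURCES).items():
            print(f"  {label:24s} {verdict}")
```

Running it prints the "before" table timing out only for the LAN-sourced query, matching the symptom in the post, and the "after" table answering both. On a real far end the equivalent check is the route lookup for the near-side source address on that host (for example `route -n get` on BSD or `ip route get` on Linux), which must point at the tunnel interface.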
#4
I've set up a Site-to-Site OpenVPN configuration on 23.7 using the new instances following the steps at:
https://docs.opnsense.org/manual/how-tos/sslvpn_instance_s2s.html

It's connecting to an OpenVPN Access Server, not another OPNSense instance, but that shouldn't matter.

The connection comes up fine, and from the OPNSense router itself, I can access everything just fine. But from all computers in my local LAN, I can't access anything. With a ping, firewall logs show a packet going out, but nothing coming back - either blocked or allowed.

Any thoughts on what I am missing?