Messages

1

24.1 Legacy Series / DNS issue - Windows DNS & Cloudflare DNS

« on: June 07, 2024, 04:37:13 pm »

I have a problem with OPNsense, inside OPNsense I've specified the IP address of the DNS server, this is a DNS client on a Windows AD DC. In the resolv.conf on my OPNsense, it tells me this

domain wardverduyn.be
nameserver 10.0.0.5
search wardverduyn.be

If I now try to ping a host that is not in the AD DC local DNS, but in the DNS from Cloudflare on my domain, for example the A-record "mail.wardverduyn.be" is not inside the AD DC DNS, but it is in my Cloudflare DNS from the domain wardverduyn.be, this does not resolve. It only resolves records inside my AD DC or external records without the "wardverduyn.be". How can I fix this?

2

24.1 Legacy Series / Re: Opening HTTP & HTTPS port on WAN not working

« on: June 06, 2024, 09:44:24 pm »

I'm having problems with port forwarding / reverse proxy from the outside world to my internal network. I've changed my OPNsense GUI port to 8000, but still the HTTP (80) & HTTPS (443) ports seem to be in use of something is not working correctly. I've set up a DNS record for domain.com pointing to my public IP address, so I then can use HAproxy for reverse proxy. The thing is now, when I surf to domain.com, my site does not show.

It's not a DNS issue, because the same happens when I surf to the public IP directly. The weird thing is, in Live Logging in the firewall settings, I can see all incoming TCP request to my WAN on every port, except the 80 & 443 ports. I've tried surfing to domain.com:<RANDOM_PORT> and to <PUBLIC_IP>:<RANDOM_PORT> and these both get logged, so I now this request comes in, and if I then apply firewall rules for that random port to my interal host, that works. It's really just HTTP & HTTPS traffic that doesn't seem to come in.

Do I need to configure something else? I have no specific firewall rules enabled, only the default ones. If I could just start by seeing these requests in my logging, then I can do the firewall rules/reverse proxy myself.

Nevermind, seemed to be an ISP problem. They block those ports on their level. You need to ask them to open it ...

3

24.1 Legacy Series / [SOLVED] Opening HTTP & HTTPS port on WAN not working

« on: June 06, 2024, 08:55:47 pm »

I'm having problems with port forwarding / reverse proxy from the outside world to my internal network. I've changed my OPNsense GUI port to 8000, but still the HTTP (80) & HTTPS (443) ports seem to be in use of something is not working correctly. I've set up a DNS record for domain.com pointing to my public IP address, so I then can use HAproxy for reverse proxy. The thing is now, when I surf to domain.com, my site does not show.

It's not a DNS issue, because the same happens when I surf to the public IP directly. The weird thing is, in Live Logging in the firewall settings, I can see all incoming TCP request to my WAN on every port, except the 80 & 443 ports. I've tried surfing to domain.com:<RANDOM_PORT> and to <PUBLIC_IP>:<RANDOM_PORT> and these both get logged, so I now this request comes in, and if I then apply firewall rules for that random port to my interal host, that works. It's really just HTTP & HTTPS traffic that doesn't seem to come in.

Do I need to configure something else? I have no specific firewall rules enabled, only the default ones. If I could just start by seeing these requests in my logging, then I can do the firewall rules/reverse proxy myself.