Messages

Also having this issue. Haven't found a non-SSH workaround. It's also reported here: https://github.com/opnsense/core/issues/9374 that user says the issue resolved itself with no indication of how.

Versions
OPNsense 25.7.7_4-amd64
FreeBSD 14.3-RELEASE-p4
OpenSSL 3.0.18

Thanks for your help.

The DHCP serve hands out the OPNsense IP for the DNS by default. If you want to use another one go to the DHCP settings and state its IP there.

The DNS server you've entered in the General settings is only used by OPNsense itself.

When you say "the OPNsense IP for the DNS", does this mean the DNS server entered in System > Settings > General? If this is the case, I don't understand why disabling Unbound doesn't then make the DHCP server hand out 1.1.1.1 to the clients on my network.

If I enter 1.1.1.1 in DNS servers under Services: ISC DHCPv4: [LAN], then disable Unbound, I lose all internet access again. Something is not right and I'm stuck as to what it is. 

However, instead of disable Unbound DNS entirely and push an external DNS to the clients, I'd rather forward the Unbounds DNS requests to the desired server.
You can configure this in the Unbound settings.
But if you want to direct Unbound upstream request over the VPN you have to add a static route for it (in case the VPN is not used for the default route) and enable the use of the VPN interface in Unbound.

Ultimately this is what I want to do, and take advantage of the many other features of OPNsense to improve my network, but right now I'm just trying to learn the basics and I'm already out of my depth!

I'm very much a beginner with OPNsense so apologies if this is obvious. I have version 25.1.1-amd64 installed on a dedicated box. I recently reset the settings to factory defaults and since then have only added ProtonVPN through Wireguard. Almost all other settings are defaults. In System > Settings > General I have only 1 DNS server (1.1.1.1). "Allow DNS server list to be overridden by DHCP/PPP on WAN" and "Do not use the local DNS service as a nameserver for this system" are both unchecked. Unbound DNS is enabled (that is the default setting on a new install).

When I check my DNS server online it is showing as my ISP. Not sure why it doesn't show 1.1.1.1 (Cloudfare).

If I disable Unbound DNS then I cannot access any websites on my phone or laptop. If I use the ProtonVPN app on my phone (Android) to connect to a VPN then I am able to access websites. On my laptop (Linux), if I connect to ProtonVPN through the NetworkManager applet I can access some websites but some videos don't load.

All I'm looking to understand at the moment is why disabling Unbound causes this behaviour, and OPNsense doesn't revert to 1.1.1.1.

Thanks for any pointers!