Messages

I am currently running mine under 5353 and I have no issues with that so it is likely not a port conflict.  What error are you getting in the DNSCrypt Genral log in the services section of the web GUI?   
I had the same issue with it not starting, and it turned out to be that I did not have the Secure DNS servers listed in both sections of the GUI config.  Here is how to add them.

1. Go to this list or other site and select the Secure DNS servers you want to use https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md  (I chose a few providers since DNSCrypt will select the fastest server)

2. In the Web GUI go to DNSCrypt Proxy section under services then select Configuration then the Servers Section

3. In the servers section you will want to  add a new server, Type in a unique name for the the server and then paste the SDNS ID (you do not need the sdns://) then Save it.  Repeat this for each server you wish to use. Make sure you note the names of the servers since you will need it for the next step

4.  Go to the general tab of the configuration page and scroll down to the Server List section and add the names of the servers you created in the previous and save.   

5, Try starting the service and see what the log says.

Not sure why Unbound isn't sending the requests to the other server, I would check to see if the Opnsense instance can hit the other AdGuard server. Easy way to do that is to open a Shell in Opnsense then do a dig command to do a DNS query.  The command line should be something along the lines of dig @IP of Adguard hp.com, though that is the Linux command so I am unsure if it will work in BSD.  If it can't communicate then check the Opnsense and local firewall settings.

The way I would prefer to do it is change the DNS server in the DHCP settings to issue the AdGuard IP to your clients.  This will point all devices that request an IP to use the AdGuard IP, the nice thing about this is that the AdGuard logs will show the source IP of the query instead of the OpnSense IP to make troubleshooting other issues easier.    The setting will in the DHCP Server settings in services.

If you don't want to change it in DHCP you can alternatively set it on the OS to use a certain one, though this is not recommended for mobile devices since it will try to use your IP server when you connect to other networks. 

Thanks for the commands, I verified that I have the latest firmware on all 4 NICs.  I have not seen any issues with the N150 mini PC with the new firmware on a new build of OPNSense.

dmesg shows multiple boots. so if you just dmesg | greg, and some of your boot logs before the firmware update was done will show the older firmware of course. its easiest to verify with sysctl

Code Select Expand

sysctl dev.igc.0.fw_version
sysctl dev.igc.1.fw_version
sysctl dev.igc.2.fw_version
sysctl dev.igc.3.fw_version
etc


Thanks for this info I was able to update the 4 I226-V NICS from version 2.14 to 2.32 in my newly acquired N150 box.  Did the update doing a temp OPNSense install on an old drive, then using SSH/SFTP to transfer files and run commands on the box.

Just one question when I ran "dmesg | grep IGC"  I am seeing some references to the older version?  I am assuming that this is a cumulative log that doesn't clear on reboot?   The later entry shows the newer version, and I checked the log output from running nvmupdate64e on each NIC post update and they all showed a successful update, so I am assuming everything went ok.   

Just want to be sure before I start doing the migration to the new hardware.