Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - tdukes

Pages1
#1
General Discussion / Re: Unbound DNS and Adguard and system DNS servers
November 21, 2025, 05:10:29 PM
Thanks

I've probably opened a can of worms.

I don't have any alerts. I went into policy and changed it from alert to drop all. My thinking, if they are on the list, I don't want them on my home site/network.

The reason for running Unbound and Adguard, on separate  machines, is to try to balance any load that may occur. I'm getting hammered by bad bots.
#2
General Discussion / Unbound DNS and Adguard and system DNS servers
November 20, 2025, 09:51:17 PM
Hello,

I have been wondering about this for a while but can't find an answer.

I'm running Unbound DNS with OPNsense. OpNsense sits behind my internet providers modem/router and setup as a transparent filter bridge. I also have another PC running AdguardHome.

In System > Settings > General , what should I be using for the DNS servers? Should I use the PC running Adguard? If so, would Unbound be bypassed? I'd like to use both.

Thanks
#3
25.7, 25.10 Series / Re: Could not find the repository on the selected mirror.
October 16, 2025, 01:19:02 AM
I figured it out!

When I setup the gateway for the MGMT interface I clicked the wrong interface in the drop down box by error. Its working now.
#4
25.7, 25.10 Series / Re: Could not find the repository on the selected mirror.
October 15, 2025, 02:08:24 PM
Thanks,

I was thinking also it may be a firewall rule. The MGMT interface is on the same subnet as my local network. I set up a gateway for it and made FW rules for HTTP, HTTPS and SSH. I just made a Allow All Out rules, now I'm getting a different response: Could not find the repository on the selected mirror.

I've got something hosed up and I'm running out of ideas.

Thanks
#5
25.7, 25.10 Series / Could not find the repository on the selected mirror.
October 15, 2025, 03:11:46 AM
Hello,

Just got OPNsense installed as a transparent filter bridge today. The bridge/firewall is working fine. All clients/devices have internet access being processed thru OPNsense.

The only issue I have and have been working on this most of the day is when I try to do a package update.I get the following error: Could not find the repository on the selected mirror.
Code Select
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 25.7 (amd64) at Tue Oct 14 20:56:57 EDT 2025
Fetching changelog information, please wait... fetch: https://pkg.opnsense.org/FreeBSD:14:amd64/25.7/sets/changelog.txz: Network is unreachable
Updating OPNsense repository catalogue...
pkg: http://mirror.venturasystems.tech/opnsense/FreeBSD:14:amd64/25.7/latest/meta.txz: Network is unreachable
repository OPNsense has no meta file, using default settings
pkg: http://mirror.venturasystems.tech/opnsense/FreeBSD:14:amd64/25.7/latest/packagesite.pkg: Network is unreachable
pkg: http://mirror.venturasystems.tech/opnsense/FreeBSD:14:amd64/25.7/latest/packagesite.txz: Network is unreachable
Unable to update repository OPNsense
Error updating repositories!
pkg: Repository OPNsense cannot be opened. 'pkg update' required
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

I think this maybe a DNS issue. I am using my modem/router IP for the DNS. I also tried Cloudflare and Google. Same results.

I have a gateway setup for my MGMT interface that I'm using to get the updates. I found some 'fixes' by googling the error but none have fixed the issue for me. I also ran 'pkg update' from the shell.

I have another instance of OPNsense running as a VM and have no problems getting the updates.

Any help would be greatly appreciated.

Thanks

EDIT: when I run the diagnostic tool for DNS Look up, it responds:
Response
Type    Answer    Server    Query time
AAAA   pkg.opnsense.org. 644 IN AAAA 2001:1af8:5300:a010:1::1   192.168.1.1   30 msec
#6
General Discussion / Re: Transparent Filter Bridge setup - no internet
October 14, 2025, 11:52:19 PM
Guess I should have put the mgmt interface on a different subnet.

I re-installed this morning and followed a different set of instructions and now have it working. Everything is being routed thru OPNsense.

The only issue I cannot do a package update. I get the following error: No address record found for the selected mirror.

When I google that, it appears to be a DNS issue. I found some suggestions but they didn't work for me.

I ran a DNS Lookup in the diagnostics for pkg.opnsense.org but it didn't return anything. Been trying differet things for the last few hours but I can't seem to figure it out.
#7
General Discussion / Re: Transparent Filter Bridge setup - no internet
October 14, 2025, 04:09:38 AM
I'm locked out again even with the management interface. I'll start over again in the morning.

Has something changed since version 17.1.6 regarding this setup? I have this running as a vm but not as a TFB. Installed it a couple weeks ago just to get familiar with it. The server only has 2 NICs and I got locked out of the vm multiple times as well.

Do I need it to act as a bridge? I have to use my modem/router because its on cable. Is there any where or way to use it and give it a different IP and still route traffic through it?

Thanks again!!
#8
General Discussion / Re: Transparent Filter Bridge setup - no internet
October 14, 2025, 12:34:23 AM
I did add 'Allow All' rules to WAN, LAN and the MGMT interfaces. Not sure why the FW logs says 'Default deny'. I didn't see where to add a gateway except under System > Settings > General. Next to the DNS server, there's a drop down box that only contains 'none'.
#9
General Discussion / Re: Transparent Filter Bridge setup - no internet
October 14, 2025, 12:26:55 AM
Hi!

Thanks!!

I started over (at least 6 times) since I posted. I am now getting the error on #9 when I try to change the LAN type to 'none'.

Code Select
The following input errors were detected:

    The DHCPv6 Server is active on this interface and it can be used only with a static IPv6 configuration. Please disable the DHCPv6 Server service on this interface first, then change the interface configuration.

I was able to get back into my modem/router by unplugging OPNsense from the switch.

Here's what's in the firewall log:


#10
General Discussion / Transparent Filter Bridge setup - no internet
October 13, 2025, 10:04:50 PM
Hello,

I'm having some issues setting the TFB up. I did the default install on a Protectli 4 port.

I am following the OPNsense docs. When I get to #6 - Disable DHCP Sever on LAN, there is no LAN under ISC DHCPv4, only the MGMT interface I setup following the guide.

Also, I can connect to the MGMT interface but when I try to update the packages, I am not connected to the internet.

Code Select
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 25.7 (amd64) at Mon Oct 13 15:32:08 EDT 2025
Fetching changelog information, please wait... fetch: https://pkg.opnsense.org/FreeBSD:14:amd64/25.7/sets/changelog.txz: Network is unreachable
Updating OPNsense repository catalogue...
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/25.7/latest/meta.txz: Network is unreachable
repository OPNsense has no meta file, using default settings
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/25.7/latest/packagesite.pkg: Network is unreachable
pkg: https://pkg.opnsense.org/FreeBSD:14:amd64/25.7/latest/packagesite.txz: Network is unreachable
Unable to update repository OPNsense
Error updating repositories!
pkg: Repository OPNsense cannot be opened. 'pkg update' required
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

I can ssh in but cannot ping anything on the internet.

I also tried connecting the LAN interface to my switch to see if that had access. No go there. Now I can't login to my modem/router.

I think I'm hosed!

Any help would be grateful!


Pages1