Topics

First, I have to say that I really like Opnsense and I have been using it for a few years now. I love the tinkering and figuring things out and since 24.7 it is also a lot nicer to work with as well.

However, I still feel that I lack knowledge to use Opnsense as intended and I am considering a switch. I realise this maybe isn't the best forum to discuss a switch from Opnsense but I will give it a try.

Would a Unifi cloud gateway ultra be an option for me as an intermediate user? My setup is that I have some Unifi AP's that works really well.

Happy to hear pros and cons and I want to point out again that it's not about Opnsense as a product, it's about my lack of knowledge that has triggered this thought.

My opnsense has been rocks solid for a very long time, now suddenly I can't access wan. No changes has been made for a long time and ping gives no response.

Tried restarting opnsense but nothing, running 24.1.9_4.

Wan seems to be working otherwise.

What can I do to troubleshoot?

edit: found an old router and replaced opnsense, working. I can't understand why it suddenly stopped and won't connect again.

Not sure if this applies to opnsense, adguard or mimugmai, trying to narrow it down.

The devices that are within the DHCP range are not working with adguard settings. For instance, if I have a service blocked, or ad filtering for a device, these are not applied if the device is within the DHCP range.

No matter if I set a static DHCP within the range, or filter client based on MAC address, nothing happens.

If I set a static DHCP outside of the DHCP range, all works as intended.

DHCP range is .100-.199

If I for instance set a static address to .55 all is good.

Any ideas? Running 24.1.7_4 and it has been like this for a while, maybe it changed a while back. If I remember correctly, there was an update to mimugmail's adguard (current version), adguard itself and opnsense a few months back that broke something but I can't figure which and what.

Can someone help me narrow it down?

I read into the alias part https://docs.opnsense.org/manual/aliases.html but I don't understand how to assign specific IP:s to the alias.

I have two devices with static IP addresses and I want to block YouTube on those devices.

Can someone explain how to achieve that? My kids watch YouTube for approx 36 hours/day...  ;D

Maybe too fast with the updates... after updating, internet content started to crawl to finally not having access at all. I can't even check for updates from within opnsense, so I guess that rules out DNS.

Tried a reboot without success. Using ipv4, tried disabling unbound and other services but no change.

Also, the menu items in opnsense disappears partly when accessing the submenu.

Anyone else experiences this?

I don't know where to start and I might have the wrong conclusions.

All was fine until I updated to 23.1.6, after that I have no internet access. It might be unrelated but it seems like an odd coincidence.

It looks in the reports that there is a WAN connection and I have been able to do a speed test. Tried to connect a laptop to the router directly and I still have no remote access and that leads me to DNS issues.

Checked the Unbound DNS report and quad9 reports NOERROR (though I can't recall that I used quad9, where can I change DNS service?)

Edit: I managed to narrow it down. Disabling the adguard port forwarding rule and all is fine. Not sure what broke it though.

I am pretty sure there are similar questions out there, I haven't been able to find them...

Anyway I have a service on a NAS I want to use port forward on. So far so good. On my NAS I have a VPN service, which makes my life harder than it has to be since it has another external IP than my router broadcasts. I have tried to set up selective routing for VPN specific for the NAS but failed, so I am back with VPN on the NAS itself. It shares the same LAN and are on the same network as all other devices.

It would make sense that port forwarding rule is exactly the same in this setup.

Interface WAN
Destination WAN Adress
port range other: port nr
Redirect target IP NAS ip/port nr
Filter rule - pass

I can't find a way to check if the port is open since all my other clients are on the public ip adress. But I still can't seem to connect to the service.

What did I miss?