Messages - madindehead

#1
Hmm. I may have fixed my WireGuard issue.

I had a Port Forward rule from WAN address to a different net and using the WireGuard port. When I disabled that it seemed to start working again.

Very weird. I can't use my local domain name right now, but I'm getting there. 

Update: I think it's all fixed now. Used the WG interface as the DNS and it seems to work fine. Also added 1.1.1.1 to be safe. So have local name resolution and internet.
#2
I might look at just removing Unbound from the chain right now.

I'm getting very confused as to why I suddenly can't resolve local names.

I use a domain name, example.net, for my internal network. This now isn't resolving.
I previously had my OPNsense router IP as my top upstream DNS in AdGuard, but I don't think this is correct?

I've discovered that you can define a DNS server in upstream for specific domains, e.g. [/host.com/]1.2.3.4 (from here: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration#upstreams).

I feel like this is quite flakey and the sheer amount of conflicting and confusing posts in here isn't making it any easier to understand  :-\ Definitely need a concise roundup/summary of what is correct.

Update: I had to re-enable the Static DHCP mapping and register leases in Unbound and it started working again for now. There's probably something else I could do to fix this, but for now I don't have the time to mess around too much.
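
An added example, not part of the original post: a fragment of AdGuardHome.yaml using the domain-specific upstream syntax mentioned above, so that the internal domain is answered by Unbound and never forwarded to the public resolver. It assumes Unbound on OPNsense listens on 192.168.1.1:5353 (the address and port quoted elsewhere on this page) and that example.net is the internal domain.

```yaml
# Added example: fragment of AdGuardHome.yaml, not a complete file.
# Assumptions: Unbound listens on 192.168.1.1:5353 and holds the
# records for the internal domain example.net.
dns:
  upstream_dns:
    # Queries for example.net and its subdomains are sent only to
    # Unbound, so internal hostnames do not leak to a public resolver.
    - '[/example.net/]192.168.1.1:5353'
    # All other queries use the public upstream.
    - 1.1.1.1
  # Reverse (PTR) lookups for private address ranges are answered by
  # Unbound as well, which keeps local client names in the query log.
  local_ptr_upstreams:
    - 192.168.1.1:5353
```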
#3
Quote from: RamSense on September 09, 2021, 07:09:39 PM
I have the opnsense adguard home plugin running - https://www.routerperformance.net/opnsense-repo/

What DNS setting do you have in your WireGuard client config? I use the WireGuard interface, e.g. 10.10.10.1

In Adguard dns settings i have
Bootstrap dns servers: 192.168.1.1:5353
private dns servers: 192.168.1.1:5353
where 192.168.1.1 is my opnsense ip and have Services: Unbound DNS: General - Listen Port : 5353

hope that helps.

In the client config (on my phone) I used the WireGuard interface IP (let's say it's 10.10.10.1).
On OPNsense, I didn't set a DNS server at the end point.

The issue is definitely with AdGuard Home added in.

I will recheck my configuration later today and see if I'm messing something up along the way.

The fixes at this thread didn't seem to work for me: https://forum.opnsense.org/index.php?topic=22409.0
#4
Quote from: RamSense on September 08, 2021, 12:36:26 PM
I have it also up and running here.
maybe this will help you:
https://homenetworkguy.com/how-to/configure-wireguard-opnsense/


(Optional if not Automatic) Add ACL Entry for Unbound DNS

If you plan to use your WireGuard interface to provide DNS rather than some other DNS server on your network, it has been noted through feedback that there could be the possibility that you will need to add an entry to the Unbound DNS ACL (Access Control List) to allow the WireGuard interface to access your Unbound DNS server in OPNsense. For my configuration, it seems to have been added automatically, but if you are having issues with accessing your DNS server through the WireGuard interface (in my example, the DNS server would be 10.0.0.1), you may want to check your ACL configuration by going to the "Services > Unbound DNS > Access Lists" page. Click the "Add" button to enter the WireGuard network of 10.0.0.1/24 (for my example) to the ACL.

Do you have it running with AdGuard Home setup?

I would be keen to see what settings you have within the WireGuard client and the OPNsense WireGuard settings. Also AdGuard Home.

There's just something missing, but I have no clue what it is.
#5
Quote from: yeraycito on April 25, 2021, 06:45:38 PM
Adguard + wireguard in Opnsense ( solved ):

https://forum.opnsense.org/index.php?topic=22409.0

I followed your instructions from that thread, but haven't been able to get WireGuard running alongside AdGuard.

WireGuard worked well before I added AdGuard, but now I'm just not getting a connection.

Does anyone else have experience of getting WireGuard running alongside AdGuard and Unbound DNS?
Not sure what Unbound DNS buys me alongside AdGuard, but it works well for my other devices.
#6
I was under the impression that the community repo won't work currently on 21.17, as the dependency for Python 3.7 is missing (as it uses 3.8).

It has to be rebuilt.