Messages

2 DNS server needs 2 different ports
unbound 53
dnsmas 54(assuming unused)

then you create rule in your firewall in one of your lan segment 2
1) to accept port 54
2) a port forward lan segment 2 address dns to firewall port 54

you run 2 dns server on different port, 1 of your lan segment will then portforward dns query to your secondary dns server.
this works as I am doing it, 1 dns for local lan and 1 dns for wifi

you can run 2 dns on same firewal using the same port

This utility will attempt to turn this installation into the latest
OPNsense 24.1 release.  All packages will be deleted, the base
system and kernel will be replaced, and if all went well the system
will automatically reboot.

Proceed with this action? [y/N]: y
fetch: https://github.com/opnsense/core/archive/stable/24.1.tar.gz: Address family for host not supported

file can be downloaded manually but in console throws an error

root@OPNsense:~ # sh -x /usr/local/opnsense/scripts/unbound/check.sh
sh: cannot open /usr/local/opnsense/scripts/unbound/check.sh: No such file or directory
root@OPNsense:~ #

I would have to agree...
possible to remove or uninstall or to force install all required files?
reinstalling does not reinstall necessary files?

root@OPNsense:~ # configctl unbound check
Execute error
root@OPNsense:~ #

this happen suddendly that we lost internet, partially to 1 of our LAN segment.
after we restored that unbound seem to not start anymore, and throws that error in sa logs

I tried to reinstall unbound to no avail, tried reintalling multiple times

OPNsense 24.1.6-amd64
FreeBSD 13.2-RELEASE-p11
OpenSSL 3.0.13


log error

2024-05-03T12:56:44   Error   configd.py   [92dc6ee1-e33b-4f22-958a-c0fee242834f] Script action failed with Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127.
2024-05-03T12:56:39   Error   configd.py   [c9d4e09c-4f10-40af-8778-94dc3845dc4b] Script action failed with Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127. at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/actions/script_output.py", line 44, in execute subprocess.check_call(script_command, env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py", line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.CalledProcessError: Command '/usr/local/opnsense/scripts/unbound/wrapper.py -s ' returned non-zero exit status 127.

possible to be able to select which connection? to test?

you could but ithink, what you describe is a bit to complex, for a dual wan. you need a lot of rules but for basic internet access for generic connection or HTTP... dual wan would generally work for your case.
(you need to setup the rules for you bussiness wan and residential wan to be allowed redirected first before going for the last dualwan gateway

you could instead write what you are trying to add

looks similar...

Hi, Please forgive me, I'm new to OpnSense and this forum

I'm hoping someone can help me as I'm unable to find a solution to this.
I have a network configured with multiple subnets and vlans and the admin web gui is accessible from all the default gateways.

Is there anyway to prevent this?

thanks

you need to add a firewall rule to block access to your firewall
ex. guestnet
block, interface guestnet, source any, destination this firewall/guestnet address, port 80/http

for each interface ithink you need to, except your main lan

A hotfix release was issued as 23.1.1_2:

captive portal: remove mod_evasion use which was discontinued by lighttpd
unbound: wait for pipe in logger (contributed by kulikov-a)

updated, captive portal is back and working

thank you!

i think it will be removed on its own...
sort of delayed
at least that is in may case when I make changes to mine

nice thank you
now trying in 23.1.1

OPNsense 23.1.1-amd64

anyone having issues with captive portal after upgrade?
there was no obvious change to firewall settings but hen connecting
the portal does not show up, the dns is up and if portal is disable there is internet
firewall rules for portal is set up and has not been changed

captive portal seems running

connecting to the captive portal does not show the portal itself

I have already tried removing and recreating the zone to no avail

you want your gateway to be empty?
and just blank?

when you enter "none" opnsense still assigns a gateway to your client machine?