136
General Discussion / Re: Stuck at setting up static route
« on: October 25, 2024, 04:26:28 pm »
You may also need to configure your WAN interfaces to not "Block [private/bogon] networks"
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
137
General Discussion / Re: Stuck at setting up static route
« on: October 25, 2024, 04:24:48 pm »
Does "Others router" have a route to 192.168.x.x pointing back to "My router" (172.16.1.3)?
138
24.7 Production Series / Re: Enabled Hardware CRC now unable to connect via WebUI or SSH
« on: October 25, 2024, 03:59:58 pm »
Option 13 from the menu on the console?
139
24.7 Production Series / Re: No updates or no DNS from local firewall
« on: October 25, 2024, 03:33:50 pm »
What does /etc/resolv.conf look like? How about the output of route -n get 1.1.1.1 ?
140
General Discussion / Re: Captive Portal on Different Domain
« on: October 25, 2024, 01:40:22 pm »
You could actually create a loopback interface, and give it any IP address you like, and use that (either directly or through a DNS host override) as the captive portal hostname... but I still don't really see any value in that, unless you think that hiding the fact that the captive portal is running on the firewall itself has some value......
141
General Discussion / Re: Captive Portal on Different Domain
« on: October 25, 2024, 01:34:04 pm »
The IP address used for the captive portal is the same IP address used by clients as their gateway. You can't hide it.
142
General Discussion / Re: Captive Portal on Different Domain
« on: October 25, 2024, 12:54:13 pm »
The IP of the router is going to be the gateway for the clients. There is no way to hide that.
143
General Discussion / Re: Unbound dns through wireguard VPN
« on: October 25, 2024, 12:27:32 pm »
You can't use a firewall rule to specify a gateway for traffic originating from the firewall itself. The firewall itself uses its routing table. When the VPN connection is established, it should add entries to the routing table, based on what routes the VPN server advertises, unless you tell it not to by checking that "Disable Routes" option... which is why I'm suggesting unchecking it.....
144
General Discussion / Re: Captive Portal on Different Domain
« on: October 25, 2024, 12:07:23 pm »
I'm still not sure what it is that you're trying to accomplish ... but you can put whatever hostname you want in the captive portal configuration, so long as the clients can resolve it to the IP address that the captive portal is listening on. You could use a host override in Unbound DNS with some fake hostname/domain.....
145
General Discussion / Re: mDNS Relay Issues with OPNsense and FritzBox Exposed Host Setup
« on: October 25, 2024, 12:02:43 pm »
By "FritzBox LAN address", do you mean the individual IP address, or the subnet? I think it'd have to be the latter, as the multicast traffic would be sourced from the client (iPad).
You may also need to disable "Block [private/bogon] networks" on your OPNsense WAN interface, if applicable....
You may also need to disable "Block [private/bogon] networks" on your OPNsense WAN interface, if applicable....
146
General Discussion / Re: Unbound dns through wireguard VPN
« on: October 25, 2024, 11:45:59 am »
I don't think you'd need any additional rules. Traffic from the firewall itself wouldn't need to be NAT'ed.
There may be other consequences of not disabling addition of routes - beware
There may be other consequences of not disabling addition of routes - beware
147
General Discussion / Re: Captive Portal on Different Domain
« on: October 25, 2024, 11:13:02 am »
What do you mean by "sharing my router domain"?
You can specify a Hostname in the captive portal configuration, but clients must still be able to resolve that to the IP address that the capture portal service is listening on.
What problem are you trying to solve?
You can specify a Hostname in the captive portal configuration, but clients must still be able to resolve that to the IP address that the capture portal service is listening on.
What problem are you trying to solve?
148
General Discussion / Re: Unbound dns through wireguard VPN
« on: October 25, 2024, 10:32:40 am »
In step 3, checking "Disable Routes" would prevent adding routes offered by the VPN provider to OPNsense's routing table, which is not what you want. I've not tried this setup myself, but if you're feeling brave, try uncheckig that and see how it goes.
149
General Discussion / Re: Unbound dns through wireguard VPN
« on: October 25, 2024, 10:12:10 am »
I assume you're using some VPN service, and want everything (all internet access) to go through it?
What "official guide" did you follow?
What "official guide" did you follow?
150
24.7 Production Series / Re: Log specific domain traffic, allow and continue processing rules
« on: October 25, 2024, 10:07:17 am »
Assuming you mean DNS domains.... firewall rules don't deal with those, only IP addreses, but there this this: https://docs.opnsense.org/manual/reporting_unbound_dns.html