"Recent posts
#21
General Discussion / Re: Configuring DNS for Client...
Last post by meyergru - Today at 04:33:40 PM1. Did you specify "force" in the option?
2. Did you wait for the client to renew its lease?
2. Did you wait for the client to renew its lease?
#22
General Discussion / Re: OPNsense insists that DHCP...
Last post by vimage22 - Today at 03:51:21 PMQuote from: franco on January 09, 2026, 01:07:26 PMLAN has Track6 mode by default which launches DHCPv6 and Radvd.
This was not obvious to me when I did a fresh install and tried to change from ISC to kea or dsnmasq. After reading this entire thread, it now makes even more sense. I am on kea and IPv6 works perfectly.
#23
General Discussion / Re: Configuring DNS for Client...
Last post by CursedGravity - Today at 03:47:08 PMLike this?
My client still doesn't have a DNS server from DHCP. You cannot view this attachment.
My client still doesn't have a DNS server from DHCP. You cannot view this attachment.
#24
Portuguese - Português / Re: FTP LIST/LS retorna erro 5...
Last post by ludarkstar99 - Today at 03:43:23 PMUse nsoluoes_ti,
Use o plugin `os-ftp-proxy`.
O problema acontece porque o cliente FTP ao enviar o comandos PASV (entrar no modo passivo), instrui o serivdor a abrir um canal de dados em outra porta, e deve estar havendo o bloqueio neste ponto.
O plugin mencionado acima intercepta as conexões ftp na lan e faz um intermédio (proxy) entre servidor-ftp <> firewall <> cliente.
Pra gente já resolveu.
PS.:
no pfsense, deve haver alguma outra regra que não foi portada para o opnsense.
veja se não tem nenhum port forward (encaminhamento de porta) com reflection habilitado e fazendo conflito.
ou se há algum port forward na wan fazendo encaminhamento de portas altas para um servidor/pc interno específico. já peguei este cenário com câmeras/dvr/voip.
se possível, faz uma captura de pacotes em todas as interfaces, com filtro no campo hosts com o ip do servidor. já ajudar diagnosticas quem enviou o último pacote, e qual foi a porta alta usada no pasv.
Use o plugin `os-ftp-proxy`.
O problema acontece porque o cliente FTP ao enviar o comandos PASV (entrar no modo passivo), instrui o serivdor a abrir um canal de dados em outra porta, e deve estar havendo o bloqueio neste ponto.
O plugin mencionado acima intercepta as conexões ftp na lan e faz um intermédio (proxy) entre servidor-ftp <> firewall <> cliente.
Pra gente já resolveu.
PS.:
no pfsense, deve haver alguma outra regra que não foi portada para o opnsense.
veja se não tem nenhum port forward (encaminhamento de porta) com reflection habilitado e fazendo conflito.
ou se há algum port forward na wan fazendo encaminhamento de portas altas para um servidor/pc interno específico. já peguei este cenário com câmeras/dvr/voip.
se possível, faz uma captura de pacotes em todas as interfaces, com filtro no campo hosts com o ip do servidor. já ajudar diagnosticas quem enviou o último pacote, e qual foi a porta alta usada no pasv.
#25
General Discussion / Re: Configuring DNS for Client...
Last post by Patrick M. Hausen - Today at 02:46:23 PMThe server your clients should use goes into the DHCP options for the respective interface.
#26
German - Deutsch / Re: OPNsense und Hyper-V
Last post by Andi_s75 - Today at 02:38:46 PMDanke nochmals für eure Unterstützung. Es läuft jetzt alles so, wie ich es mir vorstelle. Ich werde das mit der Appliance erstmal verwerfen, zumindest bei diesem Thema.
#27
General Discussion / Configuring DNS for Clients
Last post by CursedGravity - Today at 02:17:39 PMI am trying to configure DNS for my clients. I've tried configuring an upstream server in Query Forwarding and in DNS Servers in the general tab, but to no avail. Can any one please advise on how to do so?
#28
General Discussion / Re: Unable to remove neighbor ...
Last post by Rowebo - Today at 02:03:44 PMSorry -- one additional note: I can see the devices under Interfaces\Diagnotics\ARP Table . . . but they don't seem to be editable there either.
#29
General Discussion / Re: Unable to remove neighbor ...
Last post by Rowebo - Today at 02:00:52 PMGood Morning: I'm having a similar and possibly related problem. Just updated to 25.7.10. Saw an indication of one unexpected error during the update, but then got an indication that the update completed successfully. I had set my devices up with static IP addresses in the prior version. The interface seems to have changed substantially, but in the 25.7.10 under Interfaces\LAN the IPv4 config type is set to "Static IPv4."
My devices now seem to be listed now as "neighbors" and appear to be working. But I believe there was a name field or similar before, where now there's only a description. The devices are all listed as dhcpd-lan, and, for exmaple, my Ecobee thermostat description now says "Living Room" (I think the name field Id'd it before as a Thermostat). This leads to several questions:
1. Am I still running static IPs as before?
2. If not, do I have to reset each device as static, and where/how do I do that?
3: The Neighbors page doesn't seem to allow me to change the description to be more, well, descriptive (if we're ditching the name field), and I thus far can't find a way to do that.
4.
4. It's now unclear how I distinguish between static and DHCP addresses, and how I swap a DHCP entry to a static address -- which, once I looked around the interface, seemed relatively straightforward in the prior version. I could see everything, set static addresses, and then look at something like the neighbors list to
Seems likely I'm just going something wrong. Looked for a log entry after the reported error during the update and didn't find a thing. Currently stumped.
Things seem to be working fine thus far, so this seems relatively minor. But it would help to know if I'm just struggling with the new interface or if there's an issue. If the latter, happy to report whatever is useful -- but somebody will have to tell me what to look for in info that would help.
Thanks much for any help.
My devices now seem to be listed now as "neighbors" and appear to be working. But I believe there was a name field or similar before, where now there's only a description. The devices are all listed as dhcpd-lan, and, for exmaple, my Ecobee thermostat description now says "Living Room" (I think the name field Id'd it before as a Thermostat). This leads to several questions:
1. Am I still running static IPs as before?
2. If not, do I have to reset each device as static, and where/how do I do that?
3: The Neighbors page doesn't seem to allow me to change the description to be more, well, descriptive (if we're ditching the name field), and I thus far can't find a way to do that.
4.
4. It's now unclear how I distinguish between static and DHCP addresses, and how I swap a DHCP entry to a static address -- which, once I looked around the interface, seemed relatively straightforward in the prior version. I could see everything, set static addresses, and then look at something like the neighbors list to
Seems likely I'm just going something wrong. Looked for a log entry after the reported error during the update and didn't find a thing. Currently stumped.
Things seem to be working fine thus far, so this seems relatively minor. But it would help to know if I'm just struggling with the new interface or if there's an issue. If the latter, happy to report whatever is useful -- but somebody will have to tell me what to look for in info that would help.
Thanks much for any help.
#30
General Discussion / Re: Is ChatGPT. correct about ...
Last post by viragomann - Today at 01:26:28 PMQuote from: lorem on Today at 03:33:07 AMI want the VPN VLAN traffic to use the VPN tunnel DNS serverSo the VPN provider gives you a DNS server to use?
If so you can either just configure the VLAN clients to use it for DNS resolution (also via DHCP) or simply redirect all DNS traffic to it. The latter only works with unencrypted DNS, however, this shouldn't matter here.
In both cases you need to route the DNS traffic to the VPN server, of course, and in both the clients are not able to resolve local host names.
But I cannot think of any possibility to route Unbound upstream requests for one VLAN over the VPN, while the other traffic goes to WAN.
