Force redirect DNS to AdGuard

Started by cheleby, May 05, 2025, 11:21:30 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 05, 2025, 11:21:30 AM
Hi all. I have a problem to Force redirect DNS to AdGuard. Clients take 10.0.0.1 (opnsense ip adress) with dhcp and use dns 10.0.0.1 to connect internet. But when I add manual 1.1.1.1 dns address to my client cannot use 10.0.0.1. I add firewall rules but not working. Can you help me ?

Code Select
C:\Users\IT>nslookup google.com
Server:  one.one.one.one
Address:  1.1.1.1

Non-authoritative answer:
Name:    google.com
Addresses:  2001:4860:4802:32::78
          216.239.38.120




May 05, 2025, 11:41:24 AM #1
Deciso DEC850v2
May 05, 2025, 12:57:49 PM #2
May 05, 2025, 02:28:18 PM #3
I see you wrote Adguard, do you use this or Aguard Home? aka the plugin in - https://www.routerperformance.net/opnsense-repo/

With the latter, what installation guide did you follow? There is lots of info about it on the forum here, e.g. https://forum.opnsense.org/index.php?topic=22162.0
Deciso DEC850v2
May 05, 2025, 04:16:25 PM #4
Destination is Not /32 normaly /24
FritzBox 6660 BridgeMode 2,5GBit Port > L3 Omada switch
May 05, 2025, 07:51:50 PM #5
Quote from: Wolke68 on May 05, 2025, 04:16:25 PMDestination is Not /32 normaly /24

Even I tried /24
May 05, 2025, 08:06:24 PM #6
Quote from: RamSense on May 05, 2025, 02:28:18 PMI see you wrote Adguard, do you use this or Aguard Home? aka the plugin in - https://www.routerperformance.net/opnsense-repo/

With the latter, what installation guide did you follow? There is lots of info about it on the forum here, e.g. https://forum.opnsense.org/index.php?topic=22162.0
I installed AdGuard home with this steps https://www.routerperformance.net/opnsense-repo/
May 05, 2025, 10:26:15 PM #7
I suspect the OP is mislead by the console output that redirection is not working.
Code Select
C:\Users\IT>nslookup google.com
Server:  one.one.one.one
Address:  1.1.1.1

Non-authoritative answer:
Name:    google.com
Addresses:  2001:4860:4802:32::78
          216.239.38.120The client still believes it queried 1.1.1.1 after all.
It might still have been redirected to AGH.

Querying AGH's query log might be a more appropriate method to verify the redirection worked...
May 05, 2025, 11:32:02 PM #8
Or check the FW logs while querying a DNS server you don't really use. You should in on "LAN" with server specified, out on WAN with whatever upstream server is used in OPN/AGH.

Or query a local name from a public DNS:
Code Select
C:\Users\me>nslookup dvr10.fun.home 8.8.8.8
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
Name:    dvr10.fun.home
Address:  10.100.100.186
Print
Go Up Pages1
User actions