Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Ping to LAN interface returns WAN IP Address
« previous
next »
Print
Pages: [
1
]
Author
Topic: Ping to LAN interface returns WAN IP Address (Read 1889 times)
mdecou
Newbie
Posts: 4
Karma: 0
Ping to LAN interface returns WAN IP Address
«
on:
April 19, 2023, 09:51:30 pm »
Hello all,
I have just setup opnsense for the first time (long time pfSense user) and have found a bit of an odd behavior. I have setup a host override in Unbound that identifies my LAN interface (192.168.1.1) as host "opnsense".
When I ping "opnsense", I get a reply from my WAN IP Adress. I suspect there is a simple setting I need to set, but cannot find it.
Thanks for any help or suggestions.
Mike
Logged
Patrick M. Hausen
Hero Member
Posts: 6841
Karma: 574
Re: Ping to LAN interface returns WAN IP Address
«
Reply #1 on:
April 19, 2023, 10:21:53 pm »
"opnsense" as a DNS query responds with all IP addresses the firewall currently has got. Which one your desktop system picks is random. This is not a bug.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
keeka
Newbie
Posts: 7
Karma: 1
Re: Ping to LAN interface returns WAN IP Address
«
Reply #2 on:
November 08, 2023, 03:37:57 pm »
Whilst it may not be a bug, how to remove the wan ip from dns response to the lan hostname?
If, say, you have a port forward (with NAT reflection enabled) on the WAN for http/s, and this directs to an internal webserver, then depending on which IP your client OS chooses, you will hit opnSense admin web interface or the other internal webserver.
«
Last Edit: November 08, 2023, 03:49:12 pm by keeka
»
Logged
Patrick M. Hausen
Hero Member
Posts: 6841
Karma: 574
Re: Ping to LAN interface returns WAN IP Address
«
Reply #3 on:
November 08, 2023, 04:16:19 pm »
Services > Unbound > General
Check the option in the screen shot, then add a single manual host override.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
Kinerg
Newbie
Posts: 33
Karma: 0
Re: Ping to LAN interface returns WAN IP Address
«
Reply #4 on:
November 08, 2023, 08:21:13 pm »
You can use
Unbound config
to segregate responses via access-control-view
Logged
keeka
Newbie
Posts: 7
Karma: 1
Re: Ping to LAN interface returns WAN IP Address
«
Reply #5 on:
November 09, 2023, 11:40:02 am »
Thank you for both suggestions. Either should work in my case.
Incidentally, after posting I noticed that if I exclude wan from unbound listening interfaces, its IP is not returned in DNS answer. However that's not nececssary in the case of the various OPT interfaces. They don't seem to appear in the DNS response.
I understand that unbound listen 'all' is the default and recommended option. I do recall some time in the past I had issues when I did not select that, and the problem was not simply because DNS was absent on the omitted interfaces. IIRC it was something to do with interfaces, assigned to VPN, not being up at boot time.
Thanks again.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Ping to LAN interface returns WAN IP Address