No updates or no DNS from local firewall

Started by BOSSJoe, October 25, 2024, 03:10:40 PM

Hi everyone,

I currently have the issue that I can no longer make updates on my OPNsense. It seems that the URLs can no longer be resolved correctly.

A quick test on the CLI confirms this. I can ping external IP addresses from the firewall but not URLs.

From the rest of the network this works without problems, but I also use an AdGuard DNS server for all my devices in the network. On the OPNsense I have set 1.1.1.1 as DNS under the general settings.

However, the problem only occurred after I had created a MultiWAN configuration. I had no problems before that.

I had already posted a similar problem here in the middle of the year but unfortunately did not get an answer. At that time I was able to solve the problem by dissolving or deactivating the MultiWAN. This no longer works.

At that time, I also suspected that the gateway was not configured correctly. Now I'm thinking more of the DNS server.

Could someone possibly help me here? I'm at the end of my rope.

Thank you very much

Greetings

Joe

What does /etc/resolv.conf look like? How about the output of route -n get 1.1.1.1?

Hi,
Thank you very much for the quick reply.

Unfortunately I seem to have locked myself out when troubleshooting. I read in another post that enabling hardware CRC would have helped.

I did that and now I can no longer access the OPNsense.

When I'm further along here, I'll write you the results straight away.

Thank you very much.

Greetings
Joe

Hi,

Backup restored and now everything works again. At least I can access the WebUI and the firewall via SSH.

/etc/resolv.conf looks like this:

domain localdomain
nameserver 127.0.0.1
nameserver 1.1.1.1
search localdomain


route -n get 1.1.1.1 shows:

root@OPNsense:~ # route -n get 1.1.1.1
   route to: 1.1.1.1
destination: 1.1.1.1
    gateway: 89.187.208.22
        fib: 0
  interface: pppoe1
      flags: <UP,GATEWAY,HOST,DONE,STATIC>
recvpipe  sendpipe  ssthresh  rtt,msec    mtu        weight    expire
       0         0         0         0      1492         1         0


I would spontaneously remove 127.0.0.1 as DNS.

Any other ideas?

Greetings
Joe

Another small update.

I got it running again. I remembered that it was not the MultiWAN story that prevented the updates but an active WireGuard config.

I have now deactivated this and everything is working again.

However, I would like to understand why I can ping external IP addresses and want URLs via the WireGuard address?

Greetings
Joe