Can't update unless I disable the firewall

Started by FirstLobster, April 15, 2020, 11:24:47 AM

Hi, I'm running a clean install of OPNsense as a VM on Proxmox. It's configured with 3 NICs:
WAN-192.1681.1.15
LAN 192.168.2.1,
OPT1 192.168.1.18 (just for config of the OPNsense)

I've been running a pfSense setup this way without any issues but wanted to try WireGuard instead of OpenVPN.

Everything is working except I can't update the firewall or get the plugins unless I run "pfctl -d" in the shell.

I can ping www.google.com from the diagnostic using the WAN interface and from all the LAN clients, so I think that rules out DNS problems.

All ideas are welcome!

This might explain why after setting up WireGuard it tells me the plugin is abandoned and the first time I click update it tells me it timed out but the second time says no updates...

I can't disable the firewall on this one right now, but I'm going to build another test unit today and will see if it has the same issue as yours.

For me it appears that when there's an active WireGuard tunnel, internal device DNS resolution isn't working.

After I went into System, Settings, General and unchecked "Allow DNS Server list to be overridden" and manually entered DNS servers in the networking box, it suddenly worked properly.

Huh, not sure that was it. I just went to update and it didn't work again. I went back to the DNS options and manually set the gateway for DNS servers and saved and then it updated.

So it's either 1 of these:

Randomly just decides to work
Saving DNS settings
Adding manual DNS settings
Adding gateway to DNS settings

Not sure which, I'll keep experimenting.