Multiwan fails for double NAT router

[buecker]

Edited subject to better reflect my problem.

Multiwan works on everything except the 2nd router and devices sitting behind it.  It is not just a DNS issue. Just switching the default LAN to all rule gateway to the multiwan group will cause it to fail.  Just in case I have even created a rule for the ip address subnet sitting behind 2nd router.


old ->
I was following the instructions on how to setup a multi-wan failover.  One of the last things it says is to create a DNS rule.

This rule will utilize the gateway group for all traffic coming from our LAN network. This also means that traffic intended for the firewall itself will be routed in this (wrong) direction. That is why Step 5 is needed for our DNS traffic going to and coming from our DNS forwarder on the firewall itself.

I have a double NAT situation.  The main router is running OPNSense.  The router behind this one is the one that loses DNS when I enable the firewall rule that the above talks about.  Why and how do I get DNS to work on the 2nd router?

[buecker]

I upgraded to 21.1.2 last night to see if that would make a difference and as of this morning it still wasn't working.  I've also tested with and without that DNS firewall rule.  The problem isn't the firewall rule.  The problem has something to do with the multi-wan failover.

1. failover is initiated and the router falls back to WAN2.
2. all devices except the 2nd router see the new gateway and it works accordingly
3. the 2nd router shows the gateway as offline but I can still access the router.  If I can access the router with the IP but I can't resolve DNS I think my problem is still something to do with DNS.

In order to continue to troubleshoot can anyone point me in the right direction?  If the rest of the devices are connected to the OPNSense LAN works and yet this router does not, it sure sounds like some odd setting that I am missing.