No Internet But Can Ping

[CLawrence]

Hey

See attached.

I don't remember putting any of this info in here, I just looked at another one of my machines and there are only 4 rules not 24 like this one.

[Mayo132]

Ok,

the rules are right -> You allow everything out of your network.

So please check if the Unbound is running:
Go to Services > Unbound DNS > General
>>> Have a look at the top right, is there a green "Play" button?

And please post a screen of
> Services > unbound DNS > Log File

thanks

[Mayo132]

And can you post the output of the follwing command on one of the clients ?

open a comand prompt:

Code Select Expand

nslookup google.de 8.8.8.8

thanks


EDIT:
And can you post the settings of your WAN interface ?

[CLawrence]

Ok,

the rules are right -> You allow everything out of your network.

So please check if the Unbound is running:
Go to Services > Unbound DNS > General
>>> Have a look at the top right, is there a green "Play" button?

And please post a screen of
> Services > unbound DNS > Log File

thanks

The green button is there, let me know if you want me to run it. It looks like the service isn't running.

Also there aren't any log files.

[CLawrence]

And can you post the output of the follwing command on one of the clients ?

open a comand prompt:

Code Select Expand

nslookup google.de 8.8.8.8

thanks


EDIT:
And can you post the settings of your WAN interface ?

Everyone is gone for the day out there. I can have someone test it tomorrow for me. I will have to remove my dns settings first too.

[Mayo132]

Thanks.

In the Case of the green play button, this is saying that the service ist running.

Can you provide us a short summery how you configure your WAN Side ? And how it is connected top the Internet ?

Are you using a dail in ? Or are you using an exsisting Internet Connection ?

Thanks a lot

[CLawrence]

Morning,

Attached is my wan interface info.

My wan is statically assigned, it's physically connected to my comcast modem. One network wire goes from the computer directly to the modem. Not using dial in, yes an existing internet connection.

Let me know if you want me to still get you that nslookup info.

I will most likely have to remove the settings that I have put in to get it working in the interim.

[Mayo132]

Hey, thanks for your reply.

Are you shure, that your provider is offering a /29 network to you ?  Or could it possible also a /30 network?

=> /29 = 8 Ips   //  /30 = 4 IPs

Code Select Expand


50.x.x1.20 Gateway
50.x.x1.21 Opensense
50.x.x1.22 Gateway
50.x.x1.23 Broadcast


If you are getting a /30 Network you probably has a failure in your config.

It should look like:

Code Select Expand


50.x.x1.20 Gateway
50.x.x1.21 Modem
50.x.x1.22 Opensense
50.x.x1.23 Broadcast


So you should use the 22 at your opensense and the 21 at your modem.
> The upstream gateway for the opensense is the .21

Can you check these settings ?

[CLawrence]

We have 5 ips from Comcast we use the last one for opnSense.

My subnet mask is 255.255.255.248 which from what I looked up is a /29. At one point I did have it as /28. That was before I reached out to you guys for help.

I thought it was strange that our gateway was higher than our ip's but all our other equipment works in that office.

[Mayo132]

Ok,

so you set up the other pc's like this config ?

Code Select Expand


50.x.x1.16 PC1 (Gw: x.22)
50.x.x1.17 PC2 (Gw: x.22)
50.x.x1.18 PC3 (Gw: x.22)
50.x.x1.19 PC4 (Gw: x.22)
50.x.x1.20 PC5 (Gw: x.22)
50.x.x1.21 Opensense
50.x.x1.22 Gateway
50.x.x1.23 Broadcast


And PC1 - 5  get a working internet connection ?

If this is the case, please do the nslookup info behind the opensense.

[CLawrence]

No We start at 17, we have 17-21 as usable ips. GW is 22.

We have a firewall that has 17-20.

21 is opnsense.

You want me to run the nslookup directly from opnSense or from a computer connected to opnSense?

[Mayo132]

Please do it from a pc connected to the OPensense.

[CLawrence]

Here you go.

I have his computer for the next couple of minutes so let me know if there is anything else you'd like me to try.

[Mayo132]

Hey,

great -> this means, your network is working.


So please try out the following:

Go to your OpnSense ->  System -> Settings -> General

Uncheck the "DNS Server optons" "Allow FND Server list to be overwridden by DHCP/WAN"
> Only fill in google DNS server or cisco Umbrellas

And try to a new nslookup (without the 8.8.8.8)

[Mayo132]

I do want to let you know that it seems to be fixed at least on the devices that are connecting to the internet side because of the settings I added under Services, DHCPv4, Lan, DNS Servers. Pic attached (DHCP DNS)

Hi,

and sorry. I had a look at your "DHCP" Server settings. Please, remove the DNS Servers there. It should be "blank".