Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Trouble with Wifi access points
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: Trouble with Wifi access points (Read 2065 times)
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Trouble with Wifi access points
«
Reply #15 on:
June 10, 2024, 10:37:05 pm »
> On the WAN side (em0) packet capture, there are no DNS entries from any local device, just a bunch of DNS entries back and forth between the WAN address to outside DNS like Cloudflare (1.1.1.1) or Comcast (75.75.5.75).
Yes this is what is expected. That is good. If you see those, then it suggests that queries from other LAN clients and possibly the system itself are going out and being answered. That would narrow down the problem from all clients, to some clients. Then it would be a case of figuring out what's different between them.
My suggestion if the above doesn't give anything to go by, is to have a read of this
https://homenetworkguy.com/how-to/confused-about-dns-configuration-in-opnsense/
. It explains things better. At least with that you'll have a better understanding of what to expect from your settings.
Then to move ahead, I'd suggest to go back to the start and post all your settings relevant to dns resolution:
- system > settings > general
- system > settings > logging
- Interfaces > assignments
- Firewall > NAT > port forward
- Firewall > rules > LAN
- Services > dhcpv4 > LAN
- Services > UnboundDNS > general and any other not default.
p.s. could it be possible the switch is a managed switch with VLANs setup?
Logged
WolfpactVI
Newbie
Posts: 21
Karma: 0
Re: Trouble with Wifi access points
«
Reply #16 on:
June 10, 2024, 11:57:50 pm »
Heh, I did read through that article. I just went through it again with a fine tooth comb. Nothing stood out to me with regard to anything checked or unchecked, set or unset, that might be causing this.
Yes, any client with an external DNS address directly configured works fine. It's when clients try and use the LAN IP as the DNS that issues come up. Also, system queries are failing (at least, when using the "Check For Updates" as a test - with DNS address erased from everywhere, no update server can be found - when 1.1.1.1 entered under System:Settings:General, the update server can be reached again).
I'll upload screenshots of everything tomorrow.
Logged
WolfpactVI
Newbie
Posts: 21
Karma: 0
Re: Trouble with Wifi access points
«
Reply #17 on:
June 11, 2024, 08:28:17 pm »
Well, I've got a weird update. Everything works now! After wondering yet again whether it was really Comcast screwing everything up, I logged into our Comcast Business account and verified one more time that SecurityEdge still showed "not set up". All good. But this time, I decided to go a step further and clicked on Set Up, did the first setup step, but then went back without finishing. Now on the Internet settings page, lo and behold, SecurityEdge was now turned on, with a message that setup was not finished. So I clicked the toggle and turned it off. And DHCP DNS worked! Whether from a phone connected to Wifi or a desktop PC using DHCP connected via ethernet. And Opnsense system updates work too! Near as I can figure, SecurityEdge was actually turned on, even though it said it was not, and was never set up. From many other posts, it seems SecurityEdge causes all sorts of grief when trying to run one's own firewall. Who would have thought that when it showed as off it was actually on.
So sorry to waste your time with all of that. I do appreciate you sticking with me. I did learn a LOT about my firewall. Fingers crossed that this is the end of this particular issue!
P.S. - I discovered one thing left still checked from all of my monkeying with this. On Services: Unbound DNS: DNS over TLS (which I was looking into in case I could not get around Comcast...but SecurityEdge was "off"....
), the box Use System Nameservers was checked, and there was a little warning underneath saying there were no system nameservers configured (which was true). So I unchecked that. But in testing, it seems to make no different whether it was checked or not.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Trouble with Wifi access points
«
Reply #18 on:
June 11, 2024, 11:22:11 pm »
I'm glad there has been a happy ending. Many would have thrown the towel much earlier than you and not learned as much.
Regarding the setting in Unbound, the helptip gives a better hint of what to expect from it.
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Trouble with Wifi access points