No Internet Access from OPNsense – DNS, Gateway, DHCP Configured but Firmware U

Started by 404hotfound, July 20, 2025, 10:56:41 AM

Hello everyone,

I'm setting up a new OPNsense installation behind a Fritzbox (192.168.178.1) and I'm encountering a persistent issue where the OPNsense box itself cannot access the internet — no firmware updates, no DNS resolution, and no successful ping to external IPs (e.g. 1.1.1.1 or 8.8.8.8). I'd appreciate any insight.

Setup:
  • Fritzbox (main internet gateway): 192.168.178.1
  • OPNsense WAN IP: 192.168.178.2 (static)
  • OPNsense LAN IP: 192.168.10.1 (static)
  • LAN subnet: 192.168.10.0/24
  • DHCP Server (enabled):
    • Range: 192.168.10.10 – 192.168.10.245
    • Gateway & DNS: 192.168.10.1
  • Unbound DNS Resolver: enabled and active
  • Default Gateway: manually set to 192.168.178.1 and marked as upstream
  • Firewall Rules:
    • LAN: default rules allow all IPv4 and IPv6 from LAN net to any
    • WAN: manually created rule to allow WAN → ANY (interface: WAN, direction: out, source: any, destination: any, protocol: any)

Problems Observed:
  • From OPNsense Diagnostics:
    • Ping to 1.1.1.1: 100% packet loss
    • DNS Lookup to 8.8.8.8 or 1.1.1.1: fails with "error creating socket"
  • Firmware updates fail with timeout/errors
  • Client devices (connected to LAN) receive DHCP leases correctly and appear in DHCP lease table
  • However: client devices also have no internet connectivity

Troubleshooting Attempts:
  • Verified interface assignments (WAN = re1, LAN = re0)
  • Disabled "Block private networks" and "Block bogon networks" on both interfaces
  • Verified Unbound DNS is listening on all interfaces
  • Rebooted OPNsense multiple times after config changes
  • Verified cables and link lights
  • Tested both static and dynamic addressing
  • Manually created WAN firewall rule to allow outbound traffic
  • Gateway is shown as "Online" in system routing diagnostics

Goal:

I want OPNsense to act as the internal gateway and firewall, with DHCP and DNS for clients on 192.168.10.0/24, and access the internet via the Fritzbox through the WAN interface. I also want the OPNsense box itself to reach the internet for updates, DNS queries, etc.

Suspicions:
  • Possibly a NAT or routing issue?
  • Missing firewall rule for OPNsense-originated traffic?
  • Unbound DNS misconfiguration?

Any help would be highly appreciated. I'm open to resetting parts if needed.

Thank you in advance!