Hi! Some people ask on Discord if they can run OPNsense with AdGuard Home, so my answer is YES! In fact, it can be run in OPNsense natively!

Firstly install the Community repo from: OPNsense Repo – Routerperformance

Be prepared to lose connection with WAN if you start below setup!

1.2 Under “Networking” and “DNS” set up your favorite external DNS IPs (they will be used by OPNsense if you break something! I’m using Cloudflare and Quad9 here, so 1.1.1.1 and 9.9.9.9)
1.3 Untick “Do not use the local DNS service as a nameserver for this system”

Client > AdGuard Home > Unbound > External DNS (Cloudflare, Quad9, NextDNS etc.)

Setup

2.1 Go to: Services: Unbound DNS: General
2.2 Change the Unbound port to something other than 53 (in my setup it’s “53350”)
2.3 Tick “Enable DNSSEC Support”, “Register DHCP leases”, “Register DHCP static mappings”, “Register IPv6 link-local addresses”.
Outgoing Network Interfaces: WAN (your WAN interface or interface group)
2.4 Go to: Services: Unbound DNS: DNS over TLS
2.5 A. Add following (for Cloudflare): Server IP: 1.1.1.1
Add following (for Cloudflare): Server IP: 1.0.0.1
Add following (for NextDNS): Server IP: X.X.X.X (your primary DNS IP from NextDNS)
More public DNS providers you can find here: Known DNS Providers | AdGuard DNS Knowledge Base
2.6 If you use “Dnsmasq” you need to change its port to something other than 53 (in my setup it’s “5335”)
2.7 Reboot your OPNsense so it will bind Dnsmasq and Unbound to different ports (not necessary, but I had a bug where 53 was still “already in use”).

Now you can log back in to OPNsense and continue.

3.0 Go to: Services: Adguardhome: General and tick “Enable”, then click Save.
3.1 Now you need to configure AdGuard; navigate to opnsense_ip:3000
3.2 I set the Admin interface to my main LAN (192.168.1.1) as the only listen interface, on port 81 (OPNsense uses ports 80 and 443, so select something other than these for the AdGuard listen port, and also if you configure AdGuard’s SSL settings)
3.3 For the DNS Server listen interface select “All” on port 53.
3.4 Now go to Settings > DNS and set “Upstream DNS servers”, “Bootstrap DNS servers” and “Private reverse DNS servers” to “0.0.0.0:53350”.

Click Test (it should show you the green notification “Specified DNS servers are working correctly”), then click Apply. You should see a green “Play” indicator on top of this page after refresh.
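
To check that each hop of the Client > AdGuard Home > Unbound chain answers on the port it was given in this guide, and whether DNSSEC validation is reported, here is an added example (not part of the original post). It assumes the LAN address 192.168.1.1 and ports 53 and 53350 from the steps above, that both ports are reachable from the machine running it, and that the default test name is a DNSSEC-signed zone.

```python
import secrets
import socket
import struct

# Hops from this guide (the author's example values; change to match your setup).
# Assumption: this runs on a LAN host that can reach both ports on the firewall.
HOPS = {"AdGuard Home": ("192.168.1.1", 53), "Unbound": ("192.168.1.1", 53350)}
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
QR, RD, AD = 0x8000, 0x0100, 0x0020  # DNS header flag bits

def build_query(name, qid, qtype=1):
    """Build an A query with RD and AD set; AD asks the resolver to report DNSSEC status."""
    header = struct.pack("!HHHHHH", qid, RD | AD, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_header(packet, expect_id):
    """Return rcode, answer count and AD flag from a DNS response header."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if qid != expect_id or not flags & QR:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    return {"rcode": RCODES.get(rcode, str(rcode)), "answers": answers,
            "dnssec_validated": bool(flags & AD)}

def check_hop(host, port, name="cloudflare.com", timeout=3.0):
    """Query one hop over UDP; name is assumed to be a DNSSEC-signed zone."""
    qid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(name, qid), (host, port))
            data, _ = sock.recvfrom(4096)
            return parse_header(data, qid)
        except (OSError, ValueError) as exc:
            return {"error": str(exc) or type(exc).__name__}

if __name__ == "__main__":
    for label, (host, port) in HOPS.items():
        print(f"{label:13} {host}:{port} -> {check_hop(host, port)}")
```

An error at one hop points at that service's listen port (steps 2.2, 2.6 and 3.3), while `dnssec_validated` being true at the Unbound hop shows that the “Enable DNSSEC Support” setting from step 2.3 is in effect.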