Hi,
So anyway, my UTM is blocking any HTTP sites/traffic, but HTTPS is fine. Any ideas?
The UTM is on Bridge Mode.
the error:
Hi Rizal F,
Could you please provide the DNS configuration details? Did you configure an external or internal DNS server?
Did you put the internal network to the allowed networks under Network Services > DNS > Allowed networks?
Thanks,
First off, your DNS forwarder: Either pick the one assigned by ISP (checkbox) or uncheck it to use the forwarders that you put in the allowed list there.
Second: Allowed Network under your Global tab should go back to Internal Network.
Are you checking the logs when you try to go to http sites? What is the log showing you? Can you post it?
Your Firewall configuration at the very top: I know someone already talked about the ANY rule (no-no). But it looks like you are missing something on that second rule. You should have a group called Web Surfing, which also contains:
HTTP, HTTP Proxy, HTTP WebCache and HTTPS. Can you change that rule to use that group and not just HTTP?
OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
(Former Sophos UTM Veteran, Former XG Rookie)
Hi.
I've set it up as you told me.
The first and the second are already changed. The log:
Have you rebooted this firewall recently? I know this sounds funny, but looking at some other posts about this similar behavior, a couple of things seem to 'fix' this problem:
1. Rebooting, for whatever reason. (Maybe a DNS cache flush?)
2. Changing your interface (External) to bridged. What is your external interface now? What type of connection do you have? To me, the logs look like DNS isn't working.
After rebooting, check and see if it works. If not, I would change your DNS forwarders. Uncheck that box that says to use your ISP forwarder, then create a new DNS forwarder to 1.1.1.1 and see if it works instead of Google's DNS servers. Not only do I try to stay away from Google as much as I can, I have had similar issues using their DNS and always end up going back to my ISP. However, in your case, I think this might be a troubleshooting step you should take. I would also flush your caching.
I wouldn't think you need to change your interface to bridged mode if it's not already there, and instead focus on some DNS troubleshooting. The first thing I always try to do is try to go to a website by DNS name. If that doesn't work, I will ping it to get the IP address and then try using the IP in its place. If you can reach it by IP address and not by DNS name, that would confirm you have an issue with DNS.
Did you also try to add that group I mentioned earlier as well?
OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
(Former Sophos UTM Veteran, Former XG Rookie)
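The name-then-IP check Amodin describes, written up as a small Python script. This is an added example, not code from the thread or from Sophos; the host name and the result labels are assumptions, and the resolver and fetcher are injectable so the decision logic can be exercised without a network.

```python
"""Tell a DNS problem apart from an HTTP block behind a UTM.

Logic follows the troubleshooting steps above: resolve the name, try plain
HTTP by name, then try the same request by IP. Resolver and fetcher are
parameters so the classification can be tested offline with fakes.
"""
import socket
import urllib.error
import urllib.request
from typing import Callable, Optional

# Result labels (assumed names, not UTM terminology).
OK = "OK"                          # HTTP works by name
DNS_NO_RESOLVE = "DNS_NO_RESOLVE"  # name does not resolve: check forwarders / allowed networks
DNS_IP_ONLY = "DNS_IP_ONLY"        # reachable by IP but not by name: DNS / proxy name handling
HTTP_BLOCKED = "HTTP_BLOCKED"      # fails even by IP: firewall or web filter rule, not DNS


def resolve(host: str) -> Optional[str]:
    """Return one IPv4 address for host, or None when resolution fails."""
    try:
        return socket.gethostbyname(host)
    except socket.gaierror:
        return None


def http_reachable(url: str, host_header: str, timeout: float = 5.0) -> bool:
    """Plain-HTTP GET. Any HTTP status (even 403/404) means the path is open;
    only a transport-level failure counts as unreachable."""
    req = urllib.request.Request(url, headers={"Host": host_header})
    try:
        with urllib.request.urlopen(req, timeout=timeout):
            return True
    except urllib.error.HTTPError:
        return True
    except (urllib.error.URLError, OSError):
        return False


def diagnose(host: str,
             resolver: Callable[[str], Optional[str]] = resolve,
             fetcher: Callable[[str, str], bool] = http_reachable) -> str:
    """Classify why http://host/ is not loading."""
    ip = resolver(host)
    if ip is None:
        return DNS_NO_RESOLVE
    if fetcher(f"http://{host}/", host):
        return OK
    if fetcher(f"http://{ip}/", host):   # same site, addressed by IP
        return DNS_IP_ONLY
    return HTTP_BLOCKED


if __name__ == "__main__":
    print(diagnose("example.com"))  # assumed test host; needs network
```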
Hi Rizal and a belated welcome to the UTM Community!
Agreed with Amodin. Try configuring as in DNS best practice.
Cheers - Bob