Project

General

Profile

Actions

Bug #11304

closed

DNS-Problems after Configuring VPN-WireGuard with IPv4 & IPv6 Address

Added by Stephan Hartenauer 10 months ago. Updated 10 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
WireGuard
Target version:
Start date:
01/23/2021
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.5.x
Affected Architecture:
All

Description

VPN / WireGuard / Tunnels
Address: 172.16.16.1/24 -> Everything ist OK

Also allowed is a Comma separated list of CIDR addresses assigned to interface
Address: 172.16.16.1/24, fd42:42:42::1/64 -> DNS is not working anymore

Service unbound DNS Resolver stops working

Services / DNS Resolver / General Settings
Save
The following input errors were detected:
⦁ The generated config file cannot be parsed by unbound. Please correct the following errors:
⦁ /var/unbound/test/access_lists.conf:7: error: expected deny, refuse, deny_non_local, refuse_non_local, allow, allow_setrd or allow_snoop in access control action
⦁ /var/unbound/test/access_lists.conf:7: error: unknown keyword 'allow'
⦁ read /var/unbound/test/unbound.conf failed: 2 errors in configuration file


Files

pfSense_WireGuard_Bug.pdf (138 KB) pfSense_WireGuard_Bug.pdf Stephan Hartenauer, 01/23/2021 03:54 PM
Actions #1

Updated by Jim Pingle 10 months ago

  • Status changed from New to In Progress
  • Assignee set to Jim Pingle
Actions #2

Updated by Jim Pingle 10 months ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100
Actions #3

Updated by Jim Pingle 10 months ago

  • Status changed from Feedback to Resolved

Could easily replicate the problem on previous snapshot, current snapshot is working well. The entries in the DNS resolver access_lists.conf are formatted correctly and appear in the new expected order (sorted).

Actions

Also available in: Atom PDF