Unable to resolve my local FQDN for my self-hosted services

Hi,

I have been using my AR750 Slate whenever I travel. I used to use WireGuard and everything was working. Recently, I had to switch to OpenVPN because WireGuard on OPNsense is acting up.

The problem that I’m experiencing with the Slate is that I could not access my self-hosted services. I’m using a reverse proxy (nginx proxy manager) to access some of my services. Also, I’m using the adguardhome plugin on OPNsense as my adblocker.

When the Slate connects via OpenVPN, I can browse the internet without a problem, except for accessing my services via their FQDN - e.g. emby.internal.lan, kosync.internal.lan, etc. I can ping the address, I just couldn’t resolve any FQDN. Since I’m using a reverse proxy, it is important for me to use FQDNs.

In addition, I could not reach my publicly available service such as nextcloud. E.g. nextcloud.external.com.

If I don’t use the Slate and VPN directly from my mobile or laptop, all my FQDNs work without any issues, but with the Slate only the Internet works. My OpenVPN is a full-tunnel.

Have you defined a DNS server in your OpenVPN client on the Slate? That should point to your OPNsense router.

If you’re using AdGuardHome on your Slate, you should also add a DNS upstream for your local domain.

In Settings/DNS/Upstream DNS server, add an entry like this one:

[/internal.lan/]your_opensense_IP:53

That will force AdGuard to forward every request to your OPNsense DNS when it is asked to resolve a *.internal.lan domain.

I didn’t define the DNS server on my Slate but got the DNS server from OPNsense. I checked the Slate and it shows that the DNS is the same as the OpenVPN gateway.

I’m not using the adguardhome on Slate. Do I still need to do the “/internal.lan/opnsense-ip:53”?

Edit:
When I added the /internal.lan/opnsense-ip:53, I got an error “invalid dns”. This would not allow me to save the settings.

If you don’t use AdGuard on your Slate, there’s no need to add the specific DNS entry.

FYI, please note that you need to enter the bracket [ ] for that DNS entry, so [/internal.lan/]opnsense-ip:53
That’s probably why you got that “invalid dns” error message.

Regarding your issue, I’m not sure why it’s happening, I’m not used to working with OpenVPN on the GL.iNet devices. Maybe someone else on this forum could help you.

Is there any particular reason why you cannot use WireGuard on your OPNsense?

If you cannot resolve local DNS, it is generally because of the DNS rebinding protection.

Go to router admin panel → more settings → dns and disable DNS rebinding protection.

I used to use WireGuard, but OPNsense is being a pain in the neck. I keep getting an error that it could not create the wg1 interface.

I have never enabled this. All the DNS settings are disabled.

It is enabled by default in firmware 3.x. You need to disable it.

I was using my Slate two days ago and it was disabled.
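
The following is an added example, not part of any post in this thread: a simplified IPv4-only model of how a dnsmasq-style DNS rebinding filter treats answers for the thread's internal names, and how exempting only the local domain (dnsmasq's `rebind-domain-ok`) compares with switching the protection off entirely. It assumes the Slate's resolver behaves like dnsmasq's `stop-dns-rebind`; the addresses and the `filter_answers` helper are constructed for illustration.

```python
import ipaddress

# Simplified IPv4-only model of a dnsmasq-style rebind filter: answers from
# upstream that fall in these ranges are treated as rebinding attempts.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
)]

def is_private(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)

def domain_exempt(name, exempt_domains):
    """True if name is an exempted domain or a subdomain of one."""
    name = name.rstrip(".").lower()
    for dom in exempt_domains:
        dom = dom.strip(".").lower()
        if name == dom or name.endswith("." + dom):
            return True
    return False

def filter_answers(answers, rebind_protection=True, exempt_domains=()):
    """Split (name, address) answers into (passed, dropped)."""
    passed, dropped = [], []
    for name, addr in answers:
        blocked = (rebind_protection and is_private(addr)
                   and not domain_exempt(name, exempt_domains))
        (dropped if blocked else passed).append((name, addr))
    return passed, dropped

# Constructed sample answers; host names are the thread's, addresses are made up.
SAMPLE = [
    ("emby.internal.lan", "192.168.1.20"),
    ("kosync.internal.lan", "10.0.0.5"),
    ("example.org", "203.0.113.10"),
]

if __name__ == "__main__":
    cases = {
        "protection on": {},
        "protection on, internal.lan exempt": {"exempt_domains": ["internal.lan"]},
        "protection off": {"rebind_protection": False},
    }
    for label, kwargs in cases.items():
        passed, dropped = filter_answers(SAMPLE, **kwargs)
        print(f"{label}: dropped={[n for n, _ in dropped]}")
```

With the domain exemption, the internal names resolve while private-range answers for any other domain are still dropped.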