Hoping to get some help setting up a unifi firewall rule to allow outbound traffic from my HE. I am trying to install Package Manager, but my hub can not resolve the DNS on Github.
I agree with @ronv42 unless you created a rule, firewalls do not block outbound traffic, mainly inbound. But DNS greatly affects outbound. How is your hub getting the IP stack, via DHCP? What DNS is the DHCP server giving out? Try adding Google's DNS as a secondary (8.8.8.8). Also can your computer resolve the address?
Try using a DHCP (better yet a DHCP reservation) to test and see if it can resolve with a distributed IP. If so work backwards from there to find the dif. Does your Hub have cloud access? Update and dashboards, is it just github or all internet traffic?
Total shot in the dark, but maybe you're running into the issue discussed in this thread. This post has instructions for setting DNS servers based on the generation of hub: DNS bug in 2.2.5.119
Thanks everyone. This worked! I set my hub DNS to 8.8.8.8. Also changed to DHCP, so I'm not sure which was the actual fix.
I do seem to have that DHCP bug though. I had to manually look up the assigned IP. Web UI is directing me to the old IP. Hopefully some restarts will fix.
I set HE settings to static, thinking the DHCP settings in unifi needed to match.. I now have HE settings as DHCP, and Unifi set to DHCP overall, and static for the HE device. Everything is functioning properly
Piggybacking on this. Anyone using vlans on their UniFi, then dns and/or dhcp through pihole? Any recommendations? As Iām reading it, pihole only hands out dhcp to one up range?
I tried many ways and decided to leverage the DHCP server in my Untangle router since each VLAN has it's own DHCP configuration. Those DHCP configs then points DNS to my Pi-hole which is on a "public VLAN core" and router rules setup for each VLAN to route to the Pi-hole for DNS.
I tried to have the Pi-hole listen on 0.0.0.0 and then created mutiple VLAN interfaces in the Pi and it was just not working. I am sure I missed something in that config when I was hand writing DNSmasq custom configurations.