Opnsense + Unbound DNS - works on iOS/Android but not Windows
I set up a kids VLAN/interface with a separate DHCP range that all kid devices will connect to and be filtered on. It works fine - so I enabled Unbound, cleared out DNS settings from the kids DHCP/interface, and all Android/iOS devices connect and get filtered properly. Windows devices show "not connected to internet". It's like it can't resolve the Windows domains that determine internet access.
I've verified nothing is being blocked by NextDNS. I've looked at blocked traffic on OPNsense, and don't see any. I've even done a packet capture on the various Windows devices, and it looks like it's getting reset flags once in a while.
Not sure what I'm doing wrong - it just seems to be broken for Windows.
Opnsense default LAN - 192.168.1.1/24
Kid VLAN - 192.168.2.1/24
Ubiquiti wifi. Using DHCP relay servers. DHCP works fine.
The DNS server on Windows clients shows 192.168.2.1, which is accurate - but they time out when connecting to the internet. Android and iOS work just fine and show up in NextDNS logs.
Any ideas? I'd love to pay for a subscription, but can't if Windows devices aren't filtered with it (I'd rather not install clients, so that anything on the kid network is filtered).
Are the iOS and Android devices connected to the kids VLAN too?
Is the Windows machine also connected via Wi-Fi, or by cable?
Do the DNS settings on the mobile devices point to 192.168.2.1 as the DNS server, or directly to the NextDNS servers?
Do you see incoming requests from the Windows machine in OPNsense (Firewall / Log Files / Live View, filtering on dst-port 853)? And what about on port 53?
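A client-side diagnostic that combines the reply's port 53/853 question with the post's "can't resolve the Windows domains that determine internet access" symptom, added here as an example and not from the thread. It assumes 192.168.2.1 as the kids VLAN resolver (from the post) and reads the NCSI probe host names from the registry values Windows itself uses; run it on an affected Windows client.

```powershell
# Added diagnostic, not from the thread. Assumes the kids VLAN resolver is 192.168.2.1
# (from the post); probe names are read from the NCSI registry values Windows uses.
$Resolver = '192.168.2.1'
$ncsi = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet'

function Test-KidsVlanNcsi {
    param([string]$Server = $Resolver)
    $r = [ordered]@{ Resolver = $Server }

    # Can the client reach the resolver on TCP/53 and TCP/853 at all?
    # (853 is DNS over TLS; the reply asks whether the Windows box sends traffic there.)
    foreach ($port in 53, 853) {
        $t = Test-NetConnection -ComputerName $Server -Port $port -WarningAction SilentlyContinue
        $r["Tcp$port"] = $t.TcpTestSucceeded
    }

    # NCSI DNS probe: Windows resolves ActiveDnsProbeHost and expects exactly
    # ActiveDnsProbeContent back. A filtering resolver that blocks, rewrites or
    # times out on this name makes Windows report "no internet".
    try {
        $a = Resolve-DnsName -Name $ncsi.ActiveDnsProbeHost -Server $Server -Type A -DnsOnly -ErrorAction Stop
        $got = (($a | Where-Object Type -eq 'A').IPAddress) -join ','
        $r.DnsProbe = if ($got -eq $ncsi.ActiveDnsProbeContent) { "OK ($got)" }
                      else { "MISMATCH: got '$got', want '$($ncsi.ActiveDnsProbeContent)'" }
    } catch { $r.DnsProbe = "FAIL: $($_.Exception.Message)" }

    # NCSI HTTP probe: GET http://<ActiveWebProbeHost>/<ActiveWebProbePath> must
    # return the body in ActiveWebProbeContent ('Microsoft Connect Test').
    $url = "http://$($ncsi.ActiveWebProbeHost)/$($ncsi.ActiveWebProbePath)"
    try {
        $body = (Invoke-WebRequest -Uri $url -UseBasicParsing -TimeoutSec 10).Content
        $r.WebProbe = if ($body -eq $ncsi.ActiveWebProbeContent) { "OK ($url)" }
                      else { "unexpected body from ${url}: '$body'" }
    } catch { $r.WebProbe = "FAIL ${url}: $($_.Exception.Message)" }

    [pscustomobject]$r
}

Test-KidsVlanNcsi | Format-List
```

A DnsProbe MISMATCH or FAIL with Tcp53 true points at the resolver's answers (filtering or forwarding), while Tcp53 false points at the VLAN firewall rules on OPNsense.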