DNS not getting translated into IP, using PfSense

Hi guys,
We are using pfSense and are experiencing problems accessing our address blah.blah.blah from our local network.
It is, however, working from any other network…

The IP is on the local network, which the DNS is supposed to point to.
The issue appears to be DNS not getting resolved or forwarded (or something else) to the IP, which is on our local network.
Pings are going through nicely, as if everything were working properly…

Even crazy ideas are welcome at this point.

P.S. At the moment the version of pfSense that we are using is a little bit outdated.
Thank you.

DNS Host Overrides is what you are looking for: Services — DNS Resolver — Host Overrides | pfSense Documentation

For example, if you have a server with IP 10.0.10.10 on your local network that should be reachable at mylocalserver.domain.tld, it would look like this:

Or you could add the following lines to the Custom Options field under Services → DNS Resolver → General Settings:

server:
local-zone: "mylocalserver.domain.tld" redirect
local-data: "mylocalserver.domain.tld 3600 IN A 10.0.10.10"

We have that part done, still not working…
Maybe there is some checkbox somewhere that we didn’t tick :man_shrugging:

Two things come to mind:

  • Are your clients actually using your pfSense box as their upstream DNS resolver…?

  • Is the DNS Resolver on your pfSense active on all interfaces? Or rather, is the corresponding interface / subnet selected under Services → DNS Resolver → General Settings → Network Interfaces?

Looks ok to me.

What’s the result if you try to lookup your server under “Diagnostics → DNS Lookup”? If it resolves the correct IP, maybe the issue is on the client side.

Do the clients actually use pfSense as their primary DNS server?

How exactly does the error manifest itself? Did you test with tools like dig or nslookup or did you encounter the issue only in certain applications like e.g. a browser? If you are trying to access your server from a browser, make sure that the browser isn’t exclusively using DNS over TLS or DNS over HTTPS.

Other than that, I can’t think of anything else right now. Maybe others here have some more ideas…
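As an added diagnostic example (not from the original thread and not pfSense's own tooling): the host-override post above makes unbound answer mylocalserver.domain.tld with 10.0.10.10, and the replies keep asking the same two questions, whether pfSense itself resolves the name correctly (Diagnostics → DNS Lookup) and whether the client actually sends its queries to pfSense rather than to some other resolver or a browser's DoH endpoint. The POSIX shell script below asks pfSense directly and then the client's own resolver for the same name, and classifies each answer as the expected internal address, a different private address, a public address (the override was bypassed) or no answer at all. The pfSense address 192.168.0.1, the hostname and the expected IP are assumed placeholder values; dig must be installed on the client.

```shell
#!/bin/sh
# Added example: check whether a client really gets the pfSense host override
# for a name, or a public answer from some other resolver. Requires dig
# (dnsutils / bind-utils). Hostname, resolver and expected IP are assumptions.

# is_private_ip ADDR -> 0 if ADDR is an RFC 1918 IPv4 address, 1 otherwise
is_private_ip() {
    case "$1" in
        10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# query_a RESOLVER NAME -> first A record returned by dig, or nothing
query_a() {
    dig +short +time=2 +tries=1 "@$1" "$2" A 2>/dev/null |
        grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1
}

# classify_answer ANSWER EXPECTED -> prints a verdict and returns
#   0  expected internal address (override is in effect)
#   1  public address (query bypassed the override: other resolver or DoH/DoT)
#   2  no answer (NXDOMAIN, timeout or resolver unreachable)
#   3  a different private address (stale or wrong override)
classify_answer() {
    answer=$1; expected=$2
    if [ -z "$answer" ]; then
        echo "no answer"; return 2
    elif [ "$answer" = "$expected" ]; then
        echo "override active: $answer"; return 0
    elif is_private_ip "$answer"; then
        echo "different private IP: $answer"; return 3
    else
        echo "public IP, override bypassed: $answer"; return 1
    fi
}

# system_resolver -> first nameserver in /etc/resolv.conf (Linux/BSD/macOS)
system_resolver() {
    awk '/^nameserver/ { print $2; exit }' /etc/resolv.conf 2>/dev/null || true
}

# check_split_dns PFSENSE NAME EXPECTED -> queries pfSense, then the client's
# configured resolver, and reports whether the client bypasses pfSense
check_split_dns() {
    pfsense=$1; name=$2; expected=$3

    printf 'pfSense (%s): ' "$pfsense"
    classify_answer "$(query_a "$pfsense" "$name")" "$expected" || true

    sysdns=$(system_resolver)
    if [ -z "$sysdns" ]; then
        echo "client resolver: could not read /etc/resolv.conf"
        return 2
    fi
    [ "$sysdns" = "$pfsense" ] || echo "note: client resolver is $sysdns, not pfSense"

    printf 'client resolver (%s): ' "$sysdns"
    if classify_answer "$(query_a "$sysdns" "$name")" "$expected"; then
        rc=0
    else
        rc=$?
    fi
    return $rc
}

# Usage with the assumed values:
#   sh check_split_dns.sh 192.168.0.1 mylocalserver.domain.tld 10.0.10.10
if [ $# -eq 3 ]; then
    check_split_dns "$1" "$2" "$3"
fi
```

If pfSense answers with the internal address but the client's resolver answers with the public one, the override is fine and the client is simply not asking pfSense (wrong DHCP/static DNS settings, a VPN pushing its own resolver, or a browser using DoH). On Windows, where dig is not installed by default, the same two queries are `nslookup mylocalserver.domain.tld 192.168.0.1` against pfSense and plain `nslookup mylocalserver.domain.tld` against whatever the client is configured to use.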

Do you have your general DNS settings set to use local DNS, remote fallback?

Hi @slo.bo.dan
For internal DNS resolution, is there a DNS server like Microsoft AD-integrated DNS or BIND DNS in place? Because I don't see your domain, e.g. mylocalserver.domain, pointed to your internal DNS server to resolve the FQDN to an IP :thinking: In my case, I have a BIND9 for internal resources and a forwarder to my perimeter firewall for all other DNS requests. That's working fine.

Regards
Andy

DNS Lookup works. Ping passes through nicely. Traceroute works?
Pictures in attachment.

Can only upload 1 image per reply.

Does Traceroute look normal?

Has the ping been initiated on a client device? If yes, did you ping the actual domain name, and did it resolve the correct IP address?

If you can answer all questions with a yes, then the DNS override on the pfSense is working and the problem most likely lies somewhere on the client side, if it is a DNS issue at all…

This would bring me to the following questions:

  • What exactly brings you to the conclusion that this is a DNS issue?

  • What service are you trying to access (web application, SAMBA share, SSH etc.) and how exactly do you try to access it? (Web browser, a specific client application, …)

  • From where are you trying to access it? (PC, Mobile etc…) and what OS is the client using (Windows, macOS, Linux, Android etc…)

  • How exactly does the error manifest itself? (timeout, error message, etc…)

Could be because traceroute uses UDP by default, which may be blocked. You can force it to use ICMP instead by adding the -I option…

traceroute -I yourserver.domain.tld

If you’re on Windows you can use tracert, which should use ICMP by default. (Not 100% sure, though.)

[Screenshot 2023-04-12 104518]

Yes. Pinged from my laptop.
Yes, pinged the domain name.
Yes, it resolved the correct IP address (from pfSense the correct internal IP; from CMD it displayed the correct external IP).

  1. The guy who quit this job before I got it said, before leaving, that it was a DNS issue, that he had seen this happen before, and that he resolved it with DNS Forwarder or DNS Resolver.

  2. It's a web app that's hosted on a server locally, for a bunch of professors to input their stuff.

  3. On a browser / PC, they would access it normally through the domain name, or in the worst case by directly typing in the IP. Neither works from the browser anymore.
    (Interestingly, it does appear to work when typing in internal-server-IP/student-portal. So for students it works, just not for professors at the moment.)
    (Also, the locally hosted app is maintained by an external company, and it should be fully functional, so the problem appears to be somewhere on our local network.)

  4. “This site can't be reached”, timeout message.

That’s not what your screenshot says. 192.168.0.13 is not a public IP address.

[Screenshot 2023-04-12 110706]

Yeah, from pfSense it displayed the internal IP; from CMD (the little black image I shared recently) it displayed the external IP.

Ah ok.

Assuming you’re using Windows on your laptop… What DNS servers does it use? https://www.thewindowsclub.com/how-to-find-dns-server-on-windows

Yup, I have to use windows here.

Oh yes, also interesting: from any other IP everything works. The DNS issue with the professor portal just appears to be local…

Will try to check DNS servers