ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    KVM pfSense Issue

    Scheduled Pinned Locked Moved IT Discussion
    pfsensefreebsdfirewallkvm
    23 Posts 6 Posters 4.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Alex Sage @scottalanmiller
      last edited by Alex Sage

      @scottalanmiller pfSense is pointed to 8.8.8.8 and 8.8.4.4, and the clients point to 192.168.1.1 (pfSense) which should just forward the request on correct?

      scottalanmillerS 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Alex Sage
        last edited by

        @aaronstuder said in pfSense - Fresh Install - No DNS:

        @scottalanmiller pfSense is pointed to 8.8.8.8 and 8.8.4.4, and the clients should 192.168.1.1 (pfSense) which should just forward the request on correct?

        No, what pfSense as an operating system looks at is unrelated to what the DNS server (is that BIND?) is configured to do. I'd guess that the DNS server hasn't been configured with forwarders yet.

        A 1 Reply Last reply Reply Quote 3
        • A
          Alex Sage @scottalanmiller
          last edited by

          I switched to DNS Forwarder, made no difference...

          https://doc.pfsense.org/index.php/DNS_Forwarder

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller
            last edited by

            If you are only going to forward, there isn't too much need to look to pfSense at all. Just have clients resolved from Google directly. If you are going to have the pfSense box be the DNS server, it needs its own forwarders to be set up.

            A 1 Reply Last reply Reply Quote 0
            • RomoR
              Romo
              last edited by

              Is the DNS Resolver enabled?
              0_1493399726594_pfsense-dns.png

              A 1 Reply Last reply Reply Quote 2
              • A
                Alex Sage @Romo
                last edited by

                @Romo You can't enable one without disabling the other, they use the same port 😉

                1 Reply Last reply Reply Quote 0
                • A
                  Alex Sage @scottalanmiller
                  last edited by

                  @scottalanmiller said in pfSense - Fresh Install - No DNS:

                  If you are only going to forward, there isn't too much need to look to pfSense at all. Just have clients resolved from Google directly. If you are going to have the pfSense box be the DNS server, it needs its own forwarders to be set up.

                  But then I can't resolve local resources, right?

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Alex Sage
                    last edited by

                    @aaronstuder said in pfSense - Fresh Install - No DNS:

                    @scottalanmiller said in pfSense - Fresh Install - No DNS:

                    If you are only going to forward, there isn't too much need to look to pfSense at all. Just have clients resolved from Google directly. If you are going to have the pfSense box be the DNS server, it needs its own forwarders to be set up.

                    But then I can't resolve local resources, right?

                    Correct. That's why I said if you are ONLY going to forward.

                    1 Reply Last reply Reply Quote 0
                    • dbeatoD
                      dbeato
                      last edited by

                      @aaronstuder said in pfSense - Fresh Install - No DNS:

                      fine. I am able to resolve names on the pfSence box itself. What am I missing?

                      This is like SOnicwalls, you either have a DNS server internally or have all the DNS go to external DNS providers.

                      1 Reply Last reply Reply Quote 0
                      • dafyreD
                        dafyre
                        last edited by dafyre

                        Post a Screenshot of your DNS Resolver settings and let's see if anything is amiss.

                        1 Reply Last reply Reply Quote 1
                        • black3dynamiteB
                          black3dynamite @Alex Sage
                          last edited by

                          @aaronstuder

                          https://ip-address/services_unbound.php

                          Under General DNS Resolver Options:
                          Enable DHCP Registration
                          "If this option is set, then machines that specify their hostname when requesting a DHCP lease will be registered in the DNS Resolver, so that their name can be resolved. The domain in System > General Setup should also be set to the proper value."

                          Enable Static DHCP
                          "If this option is set, then DHCP static mappings will be registered in the DNS Resolver, so that their name can be resolved. The domain in System > General Setup should also be set to the proper value."

                          1 Reply Last reply Reply Quote 1
                          • A
                            Alex Sage
                            last edited by Alex Sage

                            OK. Back to this again.....

                            Just did another fresh install, same issue...

                            I can ping everything perfectly from a client... other servers, Gateway, 8.8.8.8, but still no DNS....

                            black3dynamiteB 2 Replies Last reply Reply Quote 0
                            • black3dynamiteB
                              black3dynamite @Alex Sage
                              last edited by

                              @aaronstuder Can pfSense ping google.com?

                              A 1 Reply Last reply Reply Quote 0
                              • A
                                Alex Sage @black3dynamite
                                last edited by

                                @black3dynamite Yes, it can.... hmmmmm....

                                scottalanmillerS 1 Reply Last reply Reply Quote 0
                                • black3dynamiteB
                                  black3dynamite @Alex Sage
                                  last edited by

                                  @aaronstuder Double check your DHCP and DNS Resolver settings.

                                  A 1 Reply Last reply Reply Quote 0
                                  • scottalanmillerS
                                    scottalanmiller @Alex Sage
                                    last edited by

                                    @aaronstuder said in pfSense - Fresh Install - No DNS:

                                    @black3dynamite Yes, it can.... hmmmmm....

                                    So DNS works?

                                    1 Reply Last reply Reply Quote 1
                                    • A
                                      Alex Sage @black3dynamite
                                      last edited by

                                      @black3dynamite everything still set to defaults... Everything seems ok...

                                      A 1 Reply Last reply Reply Quote 0
                                      • A
                                        Alex Sage @Alex Sage
                                        last edited by Alex Sage

                                        Found the solution:

                                        Disable Hardware Checksum Offloading
                                        With the current state of VirtIO network drivers in FreeBSD, it is necessary to check the Disable hardware checksum offload box under System > Advanced on the Networking tab and to manually reboot pfSense after saving the setting, even though there is no prompt instructing to do so to be able to reach systems (at least other VM guests, possibly others) protected by pfSense directly from the VM host.

                                        Links:
                                        https://pve.proxmox.com/wiki/PfSense_Guest_Notes
                                        https://doc.pfsense.org/index.php/VirtIO_Driver_Support

                                        A 1 Reply Last reply Reply Quote 0
                                        • A
                                          Alex Sage @Alex Sage
                                          last edited by

                                          Factory Reset, Setup, Disable Hardware Checksum Offloading, Works Prefect.

                                          1 Reply Last reply Reply Quote 1
                                          • 1
                                          • 2
                                          • 1 / 2
                                          • First post
                                            Last post