@nich17 said in Accessing external domain from inside:
@johnpoz @kpa @viragomann
I enabled the dns forwarder, now the dns server on the clients points to pfsense (192.168.0.254). I've written our internal domain on the domain override.
Internet works well, our internal domain works well, our external domain works well if you access it from outside our network, but when I access the external domain from inside the network, it's always the same thing, it points me to pfsense.
It points me to pfsense (192.168.0.254) and it's giving me the dns rebind error. I disabled the rebinding and, as I said, it points me to pfsense.
Can someone help me?
Hang on a second, how is your external domain resolving to an internal IP if you have only added your internal domain to the Domain Overrides?
I think you might be confusing terminology here.
Domain Overrides tells the DNS forwarder to use a different upstream DNS server for that specific domain.
Host Overrides tells the DNS forwarder to IGNORE all other DNS servers and send back the IP address specified for those hostnames. As such, I believe you don't even need an internal DNS server beyond pfSense; it's much easier to manage all your internal DNS from within pfSense itself.
If you are wanting the external domain to resolve to internal IPs then you should be putting THAT into Host Overrides.
E.g. my public IP resolves to server.my.domain at my domain's DNS host; in pfSense I have a Host Override for server.my.domain that points to its internal IP address. So when inside the LAN it resolves to the internal IP. I rarely ever use the internal domain for that server as it's not necessary.
If you want to wildcard the whole domain (so that server1.my.domain, server2.my.domain, etc. all point to the same IP address without having to add each one manually), you have to use custom options and add:
address=/my.domain/<SERVER ADDRESS>
Replacing my.domain with your external domain and <SERVER ADDRESS> with your server's IP.
If you use DNS Resolver it works exactly the same except the custom option is:
server:
local-zone: "my.domain" redirect
local-data: "my.domain 86400 IN A <SERVER ADDRESS>"
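
The lookup order described in the reply above, as an added example that is not part of the original thread and is not dnsmasq or pfSense code: a simplified Python model of how Host Overrides, the wildcard `address=` option and Domain Overrides decide what a LAN client gets back. All addresses, the `corp.internal` domain and the function names are constructed for illustration.

```python
# Simplified model of the forwarder's decision; sample data is constructed.
from typing import Dict, Optional, Tuple

HOST_OVERRIDES = {"server.my.domain": "192.168.0.10"}   # exact hostname -> IP
WILDCARDS = {"my.domain": "192.168.0.20"}               # address=/my.domain/<IP>
DOMAIN_OVERRIDES = {"corp.internal": "192.168.0.2"}     # domain -> upstream DNS


def _labels(name: str) -> Tuple[str, ...]:
    # DNS names are case-insensitive; a trailing dot is the same name.
    return tuple(name.rstrip(".").lower().split("."))


def _in_domain(name: str, domain: str) -> bool:
    # Matches the domain itself and any subdomain, on whole labels only,
    # so "notmy.domain" is NOT inside "my.domain".
    n, d = _labels(name), _labels(domain)
    return len(n) >= len(d) and n[len(n) - len(d):] == d


def _best_suffix(name: str, table: Dict[str, str]) -> Optional[str]:
    # Most specific (longest) configured domain that contains the name.
    matches = [d for d in table if _in_domain(name, d)]
    return max(matches, key=lambda d: len(_labels(d)), default=None)


def resolve(name: str,
            hosts: Dict[str, str] = HOST_OVERRIDES,
            wildcards: Dict[str, str] = WILDCARDS,
            domains: Dict[str, str] = DOMAIN_OVERRIDES) -> Tuple[str, str]:
    """Return ("answer", ip) for a local reply or ("forward", upstream)."""
    # 1. Host Override: answered locally, no other DNS server is asked.
    for host, ip in hosts.items():
        if _labels(host) == _labels(name):
            return ("answer", ip)
    # 2. Wildcard address=: every name in the domain gets the same IP.
    #    Checking this before Domain Overrides is an assumption of this
    #    model; the sample tables cover different domains, so no conflict.
    dom = _best_suffix(name, wildcards)
    if dom is not None:
        return ("answer", wildcards[dom])
    # 3. Domain Override: forward to the upstream server for that domain.
    dom = _best_suffix(name, domains)
    if dom is not None:
        return ("forward", domains[dom])
    # 4. Everything else goes to the normal upstream resolvers.
    return ("forward", "default-upstream")
```

An individual Host Override wins over the wildcard for the same domain, which is why `server.my.domain` can point somewhere different from the rest of `my.domain`.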