You can manually edit the config.xml file (/cf/conf/config.xml). each entry is in the config file under an element called "staticmap"… just create a couple of entries via the UI and you will be able to find them in the config.xml. Manually edit to your hearts content - then reboot.

No problem - why were are here ;)  I have not been able to find any reasoning behind MS not allowing for the dhcp request.  They update their dhcp server software to be able to offer it, and have documentation on how to add option 119..  So why would they not allow their clients to use it via dhcp?

I get 2.2 is not production-ready ;)

Meanwhile is there a way (either via Web GUI or SSH) to change (eg. add "interface: 192.168.0.254" line) to Unbound configuration file?
I've browsed into pfSense file system but could not find the configuration file Unbound program actually uses.

Other possible solution: an iptable-like rule to re-route traffic from 192.168.0.42:53 to 192.168.0.254:53. Does it even exists on pfSense?

Hi anyone have any new thoughts on this problem? During this time I have tries 2 other Linux firewall software packages on the same hardware and don't have this problem but would really like to use pfsense.

Hello

I installed pfSense from scratch and I saw that there was a mistake when I went to set the LAN card on pfSense, in fact, put the Gateway, and it would not let me run anything …. in fact if I went on Status - Gateway I Gateway is the the WAN to the LAN, the LAN I deleted that everything works now via DNS Forwarder can block facebook

Hello and thanks to all

I have experimented with different values for lease expiration and settled on a day to try and make it as painless as possible for guests who say check in a 6PM and use their computer the following morning. I was trying to rule out an issue with shorter leases where a single user may be assigned several different addresses thereby consuming multiple addresses over the course of their stay. It seemed like this may have been happening as at any time there may have been 60 devices but yet nearly the entire scope was consumed.

However, I will change it back to a shorter lease time as I think the real cause of the issue was in the naming of the access points, they had been identical and so guests were jumping between them and I think that was in fact causing the multiple leases to a single device. So now SSID are 1, 2, 3, etc…

I'll also try setting up a cron with the service reboot, thanks very much.

Any other suggestions, they are all greatly appreciated.

I fail to see how LLDP would have anything to do with your switch grabbing a DHCP IP for its management address, but alright.

The easiest way is to make pfSense LAN IP the upstream DNS server on the Windows Server Domain DNS. Then your domain clients can all use the domain controller (DC) for DNS, and the DC can get DNS from pfSense, then pfSense get it from OpenDNS.
On pfSense General Setup you need to put OpenDNS IP addresses for the DNS Server/s.
Then you can block other DNS on LAN, like in that doc.

Alternatively, you can put OpenDNS server IPs in the domain controller DNS, and allow just traffic from the DC to OpenDNS (or to any DNS) on pfSense LAN). That way the DC can go directly to OpenDNS.

And give domain clients the DC as their DNS server.

You can leave the interface for administrative users open if you like.

You will need some Dynamic DNS to update a public name on that dynamic IP WAN - then use that name in OpenDNS, so it will know "who you are" and can implement your filter setings.

Was this ever fixed for Namecheap, or do I still need to use the cron job and fetch?

Thanks to johnpoz & phil.davis.
Sorry i apparently either did not receive a reply or missed them in my e-mail

I guess my problem was that I've always thought of the (.***) as the extension and not the domain.
and wouldn't you know it, as long as you don't put any (_) in the domain fields it's all fine and dandy. :) :D ;D :o ??? ::) :-[ :'(

so using (hotspot) as the host, and (.m2m) as the domain, it's all of a sudden accepted as a correct and valid response….... & YEAH it Works! (in both the host and domain override boxes).

oh and no (WWW.) required, the app simply does not require that.

so now I can grab my iPad and manage my hotspot, which manages my WAN Internet connection. which is very handy for details like current DATA usage!!!, session usage, text messages, battery state, attached devices ( which should only be my PFS Box (Have To Make Sure the Neighbors Don't Get on as Somebody Else Is Slightly Paranoid, And I'm Happy with WPA2 Passwords), And Other Miscellaneous Settings.

But Best Of All, i can let other people in the house use the app to see how much data we've used so far without using the data. ( of course accessing the hotspot may not always be accurate, but is at least local and a relatively close estimate of usage)

@razblack:

hello,

i have been using dnsdynamic.org lately, but you have to create a custom service in pfsense as it is not listed.

i would tell you how to do this, but i can't figure it out yet.

https://www.dnsdynamic.org/api.php

they do have an API.. i tried using a simple URL (example they show)

https://username:password@www.dnsdynamic.org/api/?hostname=techno.ns360.info&myip=127.0.0.1

but since the username is an email account, pfsense throws this in the logs:

php: /services_dyndns_edit.php: Curl error occurred: Couldn't resolve host 'myemail.com:password@www.dnsdynamic.org'

i'm guessing when using a username of 'username@email.com' the @ it is breaking things.

I have a solution for those looking to update a DNS Dynamic hostname via pfSense.

Choose Custom from the Service Type drop down and set a proper Update URL.
See the code block below for example URL syntax.

The key is to HTML URL encode the at symbol in the URL.  The @ symbol is %40 when encoded.

https://username%40domain.com:password@www.dnsdynamic.org/api/?hostname=myhostname.mydomain.org&myip=%IP%

Thanks, I've done so for the code part, but what about the docs?

It turns out that the domain override in the DNS Forwarder actually adds wildcards, it is just that the docs and the label/legend in the GUI does not explicitly say so.

If you need a wildcard in your DNS forwarder (*.domain.com)

1. Log in to pfSense instance via the web interface.
  2. Go to Services-> DNS Forwarder (http://pfSensense_url/services_dnsmasq.php)
  3. In domain overrides: add as many as you need, each entry on a new line.

netflix.com 208.122.23.23

Where netflix.com is the end of the wildcard entry, and 208.122.23.23 is the ip of the DNS server that these wildcard names will be resolved by. Think of netflix.com as *netflix.com. So www.netflix.com, api-public.netflix.com, and anything else that ends in netflix.com and is not defined elsewhere, will be resolved by the DNS server at the ip provided. Each entry is translated into a –server=/domain.com entry for dnsmasq. See dnsmasq man pages for further details.