I too have wireless on my opt port so I like having the old lease being shown until I delete it myself or it ran out of IPs. Since most of us have large DHCP scopes the old entries won't get purged until it runs out of fresh IPs. In your case you could drop the scope down a bit and it will clear itself out. Darkk

@jimp: When testing with DNS tools, always end a fully qualified domain name with a "." - otherwise it will assume you want to append your system's search domain. So to lookup "www.google.com" you must use "www.google.com." The most common way that you see the behavior you are getting is if "mydomain.com" has wildcard DNS enabled, so it's responding to any query with the same reply. Due to the search domain being used, it ends up getting a response for a query that usually fails. So your problem could be solved by disabling wildcard DNS on your domain name. try without www, don't use it at all.

It can be anywhere a hostname is allowed: firewall aliases, IPsec endpoints, captive portal allowed hostnames, etc. It might be easier to download a copy of the config.xml (From Diagnostics > Command) and then search through the file to see where it is.

I have it fix by using the IP of the captive portal gateway under Services>Captive Portal>HTTPS Server Name

Hello! I think you need to bridge WAN and LAN. /illern

everey interface you assign needs a static IP address. after saving and applying this you have to go to SERVICES - DHCP server and configure the dhcp server for you interfaces LAN, OPT1, OPT2, OPT3 saving and applying this. Thats all.

Do you have a router between pfSense WAN interface and Internet? If so pfSense won't normally see changes in the public IP address. I'm using a pfSense 2.0 snapshot build and the following description applies to pfSense 2.0 which I presume you are using. When last I looked, if the WAN interface has a private IP address then the public IP address gets polled (by visiting a web site that return just the public IP address) at 1am with a change in public IP address triggering a DNS update (if dynamic DNS is configured). If you have a modem between pfSense WAN interface and the internet then the WAN interface probably has a public IP address and pfSense can see when that IP address changes and immediately trigger a dynamic DNS update. I use a dynamic DNS service. I used to have an ADSL modem/router (acting as a router) between the pfSense WAN interface and the Internet. I changed it to a modem to get prompt dynamic DNS updates.

Xtropx… NP Thanks for the info and this gives me more understanding on rules.... I see you have setup specific ports for specific services on the WAN side... Best Regards; H.

Hi… that is strange... If you have the DNS setup and the DNS server is on same inside LAN subnet is it possible the pfSense is using outside DNS gateway server? I also know Squid can cause naming issues but not sure if this is the issue either as I only ran it on one setup I was using and had name resolution through the gateway... I never checked the DNS on the internal lan as it was a small network with one static IP database. H.

Tilleback… Glad you got it going... H.

Yes.. you can do this… If you record the mac addresses of the computers you can add them to this DHCP scope... [image: 6-14-2011%205-45-37%20PM.jpg]

UPDATE… Looks like a bad hardware issue... I removed the drive and put this into another x700 and it runs! Dunno what the deal is but here is what the interface was doing... [image: 6-14-2011%204-21-27%20PM.jpg] The 3750 is running without any config and setup in default. I will have to test out the other box but it appears that something may be up with re1? Thanks for all your suggestions… UPDATE - 6/15/2011 - I tried the default OEM memory and replaced the processor to the OEM celeron - No Joy... This re1 port is still having issue. So I will use re0-re2-re3 etc. and bypass re1... Now I am not sure if anyone can trust this box...!  :-\ H.

I also find that answer from name.com confusing. First check to see if your domain translate to your public IP address http://www.servercheck.me/domain-ip-lookup/ If not verify your settings at name.com https://www.name.com/faq/how-do-I-add-a-new-dns-record

Thank you for your answer Wallybob but I just solved this. I found my solution here: http://forum.pfsense.org/index.php?topic=30653.0 I am running a vmware ESXi virtualized firewall and I was soooo sure this wasn't causing any problems :-) Well…my solution was to "enable promiscuous mode on the virtual switch port group".

Almost 3 years later and I think I've figured out the problem. It seems that you only specify the "Failover peer IP" on the first interface which will run DHCP server - not on any other interface.  In my case the first interface is the LAN, I'm not sure how pfSense decides which is the "first." In the correct setup, I have one Failover Group - "dhcp0" and it contains addresses from 192.168.1.0 and 192.168.3.0. I hope this helps someone else! Best, Martín

So simple, must have missed a step, I had to enable all traffic to pass on the wan port.