Create a static route for one of the DNS servers pointing to the second WAN gateway.

Are you using the packet capture mechanism to verify that it is indeed not sending any more discover messages?

I have re-created the entry in dyndns, and disconnected/reconnected from ADSL, and now it works fine.

I deleted all lease files, and it works again. I do not know what went wrong, but cleaning did the trick.

Hello, sorry for the delay. I'm using static Ip's only because i have to. I'm trying to have a normal Lan, on which the servers are defined with a static IP (the IP is given by pfsense) and every other computers receive and address from the DHCP. The server is configured correctly. The problem is when a user with a dynamic address try to ping, or try to connect to a SQL database using the hostname of the server, he is redirected on an opendns server, whereas a user configured with a static IP (with the exact same configuration than the one forwarded by the dhcp server) can reach the server. I don't understand this process. My not having Internet depends on the DNS configured in the dhcp server. It is said that if dns forwarder is enabled one must use the interface's Ip. However if i do this i can not reach the internet, whereas if i configure a real DNS, i access the internet.

Did you uncheck the option to allow override from DHCP servers?

Figured it out. Here's how….. To register the SRV entries you need to use the RAW record type but it needs to be in a specific format. So here's an example Original Entry from the domain control is... _ldap._tcp.my.domain.com. 600 IN SRV 0 100 389 dc.my.domain.com. using a SRV record creator such as the one at this site = http://www.anders.com/projects/sysadmin/djbdnsRecordBuilder/ scroll down to the section "djbdns / tinydns SRV" you need to fill in the form so for the example above we would use. Service:   _ldap._tcp.my.domain.com Priority:      0 Weight:      100 Port:              389 Target:      dc.my.domain.com Time To Live:    600 Then press "Build SRV Record" and a windows pop's up containing the raw string.... :_ldap._tcp.my.domain.com:33:\000\000\000\144\001\205\002dc\002my\006domain\003com\000:600 Now you just need to enter this in to PSsense Tindy DNS server as a raw record, so.... Record Name = _ldap._tcp.my.domain.com Record Type = raw Record Data = :_ldap._tcp.my.domain.com:33:\000\000\000\144\001\205\002dc\002my\006domain\003com\000:600 Then that should be it done. If you have windows box's you can test it, open a command prompts nslookup set type=srv server "your dns servers ip" _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.com RESULTS in ......................... _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.my.domain.com SRV service location:           priority      = 0           weight        = 100           port          = 88           svr hostname  = dc.my.domain.com Hope this helps someone. Keith

I testing using browser also. When i fill url with kerapu.htp-mohe, it cannot resolve the ip. So, i cannot view page from server. Please assist me.

Cisco has a "Switchport Protected" Command. It will only allow users to talk to non-switchport protected ports. (pfSense is the only non protected port) This way users can only effect them self's, if they happen to assign them self the default gateway If a user happen to assign them self an IP address that was given by the DHCP server, I guess he could bring down one PC, but that would have to be a lot of trial and error. This is really only in DHCP networks.

It's not that modifying the configs directly is bad. The problem with messing with files directly is, that it's not persistent. The next time the rules are reloaded or you reboot all your changes are lost. This due to the nature of pfSense of generating all configs dynamically out of the config.xml. If you're using a fixed config, you could backup the config file of the DHCP and copy your own file over the dynamically generated config with a cronjob or something like this.

Might be under the "System Logs" section, my pfSense host has static IP allocation so I'm not sure.

@ravager: Hello everyone, I fully expect this to be an issue with something I misconfigured, but for some reason DNS resolution is not working on the pfsense box.  I have the proper information in it for my ISP, static IP, GW, netmask and DNS servers, but it will not resolve DNS. In order for me to get DNS resolution working on my host PCs I had to disable the DNS forwarder and have DHCP dish out the public DNS servers. Any assistance would be greatly appreciated. Hello everyone, I have same problem. I use Multi Wan with Loadbalancing: 1 lease line and 1 ADSL (pfsense PPPoe client)

Hi, Yeah same error here. always had that error but never payed attention to it since I didn't need DHCP on opt2 interface (only happens when I click on that tab in "DHCP server". The error from lighttpd: 2009-05-19 19:23:43: (mod_fastcgi.c.2462) unexpected end-of-file (perhaps the fastcgi process died): pid: 561 socket: unix:/tmp/php-fastcgi.socket-1 2009-05-19 19:23:43: (mod_fastcgi.c.3254) response not received, request sent: 950 on socket: unix:/tmp/php-fastcgi.socket-1 for /services_dhcp.php , closing connection 2009-05-19 19:23:44: (mod_fastcgi.c.2462) unexpected end-of-file (perhaps the fastcgi process died): pid: 557 socket: unix:/tmp/php-fastcgi.socket-0 2009-05-19 19:23:44: (mod_fastcgi.c.3254) response not received, request sent: 950 on socket: unix:/tmp/php-fastcgi.socket-0 for /services_dhcp.php , closing connection I haven't got a clue where to continue now…

@Assar: Suppose the user did not disable the wireless interface on laptop when physically connected. This would in that case result in two interfaces with same address. Is this desirable? DHCPD won't let that happen. It will check first to see if the address is actually in use, and if so, assign a different address. With ISC DHCPD, which pfSense uses, static DHCP reservations are not absolute. They are more of a preference. That's the reason you can't assign static addresses inside of your DHCP pool: That IP could end up assigned to another machine if the machine with the reservation was powered off.