Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense CE 2.7.0 doesn’t resolve DNS

    General pfSense Questions
    5
    7
    1.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bohaman
      last edited by

      Hello everyone,

      I’m new to Pfsense and currently running into problem and hope that someone could help me.

      I’m running Pfsense on my proxmox server. I installed it about 3 days ago and everything is working fine. However after I installed pfblocker dns stop resolving at my devices connected to Pfsense.

      I ping from the firewall Pfsense resolve address but when I ping at my end devices it doesn’t resolve dns. If I set a public dns server but not using my Pfsense as a resolve dns then the device can resolve dns.

      I thought to reinstall Pfsense again will work but my whole network still acting the same. When I falls back to opnsense my devices are resolving dns again.

      So I tried to re install and run Pfsense again but still problem still persist. I can resolve dns at the firewall level but not at the device it connected to, my phone my router. They all can ping 1.1.1.1 but not resolving dns unless specified a public dns.

      I’m not sure if anyone have this issue before.

      Thank you so much

      S NollipfSenseN GertjanG 3 Replies Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @bohaman
        last edited by

        @bohaman Does it work if you remove pfBlocker?

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        B 1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Check the resolver and firewall logs. Check the state table when clients try to resolve. Are they actually trying to resolve against the pfSense LAN address?

          1 Reply Last reply Reply Quote 0
          • NollipfSenseN
            NollipfSense @bohaman
            last edited by NollipfSense

            @bohaman said in Pfsense CE 2.7.0 doesn’t resolve DNS:

            I’m running Pfsense on my proxmox server. I installed it about 3 days ago and everything is working fine. However after I installed pfblocker dns stop resolving at my devices connected to Pfsense.

            Something about your configuration is causing an issue...you can start by removing pfBlockerNG as earlier suggested to diagnose whether the problem exists. If there is no issue after the removal, then you know that the issue is how pfBlockerNG is configured or lack of proper configuration in the communication with DNS...as if the default configuration was modified...
            you can see these links:
            https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html
            https://docs.netgate.com/pfsense/en/latest/recipes/block-websites.html

            pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
            pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan @bohaman
              last edited by

              @bohaman

              You saw some good advises already.
              But, imho, the best one is missing.

              Out of the box, when you install pfSense and you only (!) change the password (do not touch the keyboard for anything else), pfSense will work just fine.
              Don't add 'DNS' IPs or something like that. You don't need them.
              You really should take a couple of minutes and find this point where pfSense works fine as a router firewall.
              This moment is very important, as, when pfSense doesn't work out of the box, you probably have compatibility issue between pfSense and the 'hardware' you use.

              The moment you see a pfSense freshly installed with zero modification, 'out of the box', working there can't be any more issues.
              Except for the ones you add yourself.

              After that moment, some one, that is you, starts to modify settings, add settings, even add pfSense packages, and quickly you find have the moment where "it doesn't work". This time, you have a fast way out : get one step back and you find the situation where everything was fine.
              That is : undo what you just did, and you're ok.

              You are using a VM, so understand the following : Even if pfSense running in the VM works perfectly well, "nothing works" if the VM is not set up correctly.
              My advise : use a dedicated (second) NIC inthe host device and assign it strictly to the VM, and have pfSense use this NIC as its WAN. The LAN interface can be shared for internal and external LAN devices.

              The best first experience, imho, is a dedicated, old PC with two NICs. Install bare-bone. Just to get a good first impression. Later on, you can always switch to a VM.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              B 1 Reply Last reply Reply Quote 0
              • B
                bohaman @SteveITS
                last edited by

                @SteveITS
                Hello,
                Thank you so much for your reply. I have tried to remove PFblocker but problem still persist. I decided to delete the VM and created a new one with dedicated NIC passthrough but for some reason, pfsense is still very slow to resolve DNS (this is fresh out of the box). When I stopped the VM and start my old Opnsense VM everything is running fast again (as in DNS resolve).

                1 Reply Last reply Reply Quote 0
                • B
                  bohaman @Gertjan
                  last edited by

                  @Gertjan

                  Hello,
                  Thank you for your detailed answer. I have tried to even fresh installed the VM with NIC passthrough out of the box but PFsenese takes at least 5-10 min to resolve DNS. AFter the initial time my devices connect to it can resolve DNS. However, if I leave it over night or in the morning when I turn on my computer again. PFsense is still running 24/7. It takes at least about 5 min before every device can resolve DNS again.

                  As you have suggested, I think it may lies at my Proxmox server. I may have to install it barebones.

                  Thank you again for your time.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.