Alternative DNS Servers - no filter/censorship (buydomains.com problem)
-
Then select both lan and localhost ;) ALL is BAD practice!!
Here is mine
-
I wouldn't screw with the gateway… unless you are in the mood to upgrade to a ISP/Modem combo that gets you a public IP on the pfsense wan?
-
Not sure if you know, but you select individual interfaces by holding the cntl key while clicking on the ones you want.
What johnpoz is saying is best - I was trying to keep it simple…
-
Not sure if you know, but you select individual interfaces by holding the cntl key while clicking on the ones you want.
I know that :-) - My computer knowledge is good but pfSense is overwhelming :-)
So the important part here is that on "Network Interfaces" you just have the internal and
on "Outgoing Network Interfaces" the external stuff?Gateway:
I did check my ISP router and i have the bridge option now.
I made the hack a year ago and the option was not there - seems like after
some firmware update it changed.
I have a warning "from manufacture not supported change".So i can select LAN2 as bridged.
But if i do that and connect my pfSense WAN NIC to LAN2 i can not reach the router anymore with 10.0.0.1.What changes do i need to make in pfSense to test it?
I guess in "Interfaces > WAN" and "System > Routing > Gateways" -
Is your WAN DHCP or PPPoE?
(Or Static?)
-
Wait. If you select bridged your router is no longer a router so you might not be able to get to it any more at all and, frankly, who cares?
-
Is your WAN DHCP or PPPoE?
(Or Static?)Static - pictures of WAN and gateway settings are ad top of this page :)
Wait. If you select bridged your router is no longer a router so you might not be able to get to it any more at all and, frankly, who cares?
I care cause the phone book, caller list, fax stuff and everything is handled by that box.
There are two phones connected to that box. You can't use dedicated VoIP phones with german
cable ISPs (VoC) cause they don't work. They don't give you the access data and it only works from
your box in your house (not like normal VoIP). -
Yes - I call it built in BS and multifunction trash designed to purposely remove your options. Very familiar with the concept.
-
Is your WAN DHCP or PPPoE?
(Or Static?)Static - pictures of WAN and gateway settings are ad top of this page :)
Meh, what is your connection protocol to your ISP ….
You should get your public IP on WAN if bridged works or is supported at all, which you must test.
Close your firewall WAN inbound vulnerabilities first. -
@hda:
Meh, what is your connection protocol to your ISP ….
What do you mean by protocol?
It's DOCSIS, IPv4… -
Static - pictures of WAN and gateway settings are ad top of this page :)
At the top of what page?
Forum users can set how many messages per page are shown.
Please provide a link to the exact post or attach it again. Thanks.
-
Sorry: https://forum.pfsense.org/index.php?topic=87678.msg483594#msg483594
-
Yeah, that's a static on 10.0.0.1. If you're bridged to the internet you should, somehow, get a public IP on WAN. This is usually accomplished with DHCP or PPPoE.
-
What do you mean by protocol?
It's DOCSIS, IPv4…So, then probably your protocol is a DHCP on WAN, anyway you have to test.
Beware if it works or is supported by ISP Unitymedia:- "front door" is open, control inbound ports on WAN
- may lose the phone capabilities.
- "front door" is open, control inbound ports on WAN
-
You don't have any DNS servers set up on your General page but your WAN is setup for static!
I believe the pfSense box will use DHCP to locate needed DNS. (Ive not tested this)
On the General page fill in at least one DNS and click both boxes below.
-
I made a test with the settings in the attachments.
I also tried it with setting 8.8.8.8 in the general page.In the dashboard i see then:
WAN (DHCP): a public ip but different then the one i have in my ISPs router
DNS server(s): the same like in my ISPs routerand i get "unable to obtain update status" - so no internet.
-
I guess you don't like the way I suggested to do it?
-
Just testing and you wrote: pointing to the modem is how grandmother did
The DMZ way (how it is now) works. But if it's better without double NAT and i can get it to work?
But from looking around more on that topic and this box it seems like nobody has it working.
Looks like only business tariff customers can use the bridge cause they get a second IP. -
I got a new router from the ISP and had to change stuff because on that stupid thing you can't change the IP to another subnet.
So i did read through this thread again and need to ask again even if you kill me :(I can't get bridge mode here so i have to set:
Interfaces > WAN
IPv4 Upstream gateway: GW_WAN - 192.168.0.1
Right?I had kejianshi's suggestion running now the last 2 years:
@kejianshi:Go to system > General
delete all your server IPs.
uncheck Allow DNS server list to be overridden by DHCP/PPP on WAN
uncheck Do not use the DNS Forwarder as a DNS server for the firewall
save.
Then go to DNS forwarder and make sure its off. Save.
Then go to DNS resolver and make sure its on.
Turn on DNSSECSave
BUT still don't understand if for this setting and with no bridge mode his statement is true:
@kejianshi:Now, you should have raw, un-tampered unmolested DNS from the root servers.
Also still others here wrote you have to put a DNS server in System > General Setup
So with kejianshi's suggestion and without bridge mode I'm using the ISP's DNS server - yes or no?
I also saw on the Timeserves setting:
Remember to set up at least one DNS server if a host name is entered here!
