Netgate Discussion Forum

    Newbie install. had dns server issues. What did I do?

      Guest

      I successfully installed PFSense and have a pretty good initial configuration. It's been backed up, just in case.

      I ran into an install problem. I solved it but don't really know what I did wrong initially. A little shared experience, please.

      After a reinstall (I messed something up during the initial config - too much experimentation, which otherwise worked great), I could not get DNS resolution to work. I had internet, just no DNS. I could override it on my PC. Eventually I entered Comcast servers on the general setup page and unchecked a box that allowed the numbers to be used.

      Setup provided the Comcast DNS servers, along with 127.0.0.1 and a couple of weird port number entries. The first setup, the one I messed up, had only the Comcast DNS servers in that box. It worked great. ipconfig on my PC said my DHCP and DNS servers were 192.168.1.133, which I have no idea of what that device is. A NAS box also picked up 192.168.1.133 as a DNS server, but came around to the right one after a reboot. The PC I was on has 192.168.1.101 for the IP.

      What happened and how do I clean it up so I don't need the override?

      Ooma is also supposed to be a router. My old routers didn't even notice issues with it. Could PFSense have drilled down a little too deep? Just speculating.

        tim.mcmanus

        Are you running a DHCP server?  What are the DNS settings it's giving out to clients?

          Guest

          @tim.mcmanus:

          Are you running a DHCP server?  What are the DNS settings it's giving out to clients?

          Yes, DHCP server, assigning from 192.168.1.100 to 192.168.1.150. It worked fine if I used IP addresses or hard-coded the DNS server in IPv4 properties on the Windows client. Small network.

          The current DNS server box states 127.0.0.1 and the two Comcast servers. The odd port-oriented entries are not there. I have everything working fine. I just wonder why it worked perfectly the first time and had issues on the reload. Actually I did several reloads to try to figure out the issue. Eventually I went with the override and moved on.

          I'm struggling a bit with port forwarding. There are a few fields I don't see on simpler routers. Also, my Slingboxes are wireless clients on a couple of wireless bridges. The IP addresses they use and the ports are not obvious. I'll figure it out though. PFSense does not 'hold' the UPnP settings like DD-WRT does when you turn it off.

          Edit: I just noticed the MAC address for each client attached to the wireless bridge is the same, but the IP address corresponds to the device. So, how do you port forward on that? Assume that the wireless bridge will figure it out OK if it needs to match IP with MAC address? Or just forward the port to the bridge IP?

          Next edit: never mind port forwarding. I figured it out. A Fing utility on my tablet exploded the IP addresses behind the client bridge. Got it. Slingboxes are A-OK. Port forwarding to the client bridge IP address was OK, but seemed too loose to be practical.

          Ooma configured with no issues automatically. No port forwarding needed.

          next: advanced protection features such as snort. Any advice?

            divsys

            Glad you're up and running.

            next: advanced protection features such as snort. Any advice?

            Head over to the Packages->IDS/IPS section and search/ask there.
            Tons of good info if you look around a bit.

            -jfp

              Guest

              I solved, sort of, the weird DNS problem. Somehow, PFSense picked up a Slingbox behind a wireless client router as the local gateway, rather than the real local gateway.

              My network is small and common, except for two wireless bridges. Both have media devices attached. One is a 5 GHz DD-WRT wireless bridge with 3 devices. The other is a 2.4 GHz little travel router set up to turn a device into a wireless one. I also use the 2.4 GHz radio on the DD-WRT wireless bridge as a 2nd SSID to avoid possible congestion on the main router.

              IP addresses behind wireless client bridges are sometimes hard to see on ARP cache lists and DHCP lease lists. Using a tablet and a Fing utility, I noticed that a Slingbox behind a TP-Link 702N travel router in client bridge mode had an IP address of 192.168.1.133. Somehow, this address permeated across my network as a local gateway. This caused DNS to fail until I overrode that setting.

              Oddly enough, I also had the same IP address, 192.168.1.110, on two devices.

              I unplugged all the above offenders to let their leases expire and will reset them today, probably with fixed IP addresses since I will also have to port forward them in order to watch the Slingbox outside of home. If that doesn't work, I'll do a full reset with the devices unplugged and attach them after the base network is up.

              I think PFSense's set-up programming is a little too effective and really searches the network deeply. In the process, it gets a little confused if it runs into a configuration that's a little different from most.

              Edit: Just checked a device that had 192.168.1.133 as default gateway. It was reset to 192.168.1.1 automatically since 192.168.1.133 was unplugged last night, as described above. Looks like PFSense repaired itself.

                doktornotor

                @jim1000:

                PFSense's set-up programming is a little too effective and really searches the network deeply. In the process, it gets a little confused if it runs into a configuration that's a little different from most.

                What? You have multiple rogue DHCP servers on your network. (Plus misconfigured as well. None of this wireless stuff on your LAN should run any DHCP server. It should be plugged to a switch via some of the LAN ports and have DHCP server, NAT, firewall and pretty much everything else OFF.)

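One way to check a LAN for the rogue DHCP servers described in the post above: parse each DHCP reply and flag any whose server identifier (option 54) is not the authorized server, along with the router and DNS values it hands out. This is an added example, not code from any poster or from pfSense; the authorized address 192.168.1.1, the function names and the sample replies are assumptions constructed for the demo.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie, follows the 236-byte BOOTP header
AUTHORIZED = {"192.168.1.1"}     # assumption: the pfSense LAN address is the only DHCP server

def parse_reply(payload):
    """Extract offered address, server identifier, router and DNS from a DHCP reply."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:    # 255 = end option
        if payload[i] == 0:                          # pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        opts[code] = value
        i += 2 + length

    def addrs(code):                                 # option value = list of IPv4 addresses
        v = opts.get(code, b"")
        return [socket.inet_ntoa(v[j:j + 4]) for j in range(0, len(v) // 4 * 4, 4)]

    return {"offered": socket.inet_ntoa(payload[16:20]),     # yiaddr field
            "server": (addrs(54) or [None])[0],              # option 54: server identifier
            "router": addrs(3), "dns": addrs(6)}             # options 3 and 6

def rogue_servers(payloads, authorized=AUTHORIZED):
    """Return {server: reply} for every reply not sent by an authorized DHCP server."""
    replies = [parse_reply(p) for p in payloads]
    return {r["server"]: r for r in replies if r["server"] not in authorized}

def build_offer(server, offered, router, dns):
    """Build a constructed DHCPOFFER for the demo (not captured traffic)."""
    a = socket.inet_aton
    hdr = struct.pack("!BBBBIHH4s4s4s4s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), a(offered), a(server), bytes(4)).ljust(236, b"\0")
    return (hdr + MAGIC + b"\x35\x01\x02" + b"\x36\x04" + a(server)
            + b"\x03\x04" + a(router) + b"\x06\x04" + a(dns) + b"\xff")

# Constructed samples: one reply from the firewall, one from the address seen in the thread.
SAMPLES = [build_offer("192.168.1.1", "192.168.1.101", "192.168.1.1", "192.168.1.1"),
           build_offer("192.168.1.133", "192.168.1.110", "192.168.1.133", "192.168.1.133")]

if __name__ == "__main__":
    for server, r in rogue_servers(SAMPLES).items():
        print(f"unauthorized DHCP server {server}: router={r['router']} dns={r['dns']}")
```
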
                  Guest

                  @doktornotor:

                  @jim1000:

                  PFSense's set-up programming is a little too effective and really searches the network deeply. In the process, it gets a little confused if it runs into a configuration that's a little different from most.

                  What? You have multiple rogue DHCP servers on your network. (Plus misconfigured as well. None of this wireless stuff on your LAN should run any DHCP server. It should be plugged to a switch via some of the LAN ports and have DHCP server, NAT, firewall and pretty much everything else OFF.)

                  You nailed it, I suspect. The TP-Link travel router / bridge was set up using their wireless client wizard. I just assumed it was hunky-dory since it worked with no problems before when installed on an established network. I just reconfigured it but will make sure DHCP is off on it. The DD-WRT router was A-OK since it was a manual config to make it into a wireless bridge. Thanks for the added insight.

                    doktornotor

                    Just a link to the DD-WRT howto in case someone else hits this thread in the future: http://www.dd-wrt.com/wiki/index.php/Wireless_Access_Point
