[Solved] Weird DNS Issue
-
I am a college student (University of Cincinnati) in a dorm. I set up the pfSense router with the WAN connection going to the school's private IP network and the LAN connection going to my PC. I cannot get DNS to work right.
I manually specified the school's DNS servers on my PC and that works (not a permanent solution).
If I specify any other DNS (like Google's) on my PC I can access the Internet but not the school's sites.
If I leave my PC on auto and the router's WAN on auto (no DNS services either) I can again access the Internet but not the school.
Manually specifying Google's DNS on the router's general setup page cuts off all access to Internet AND school sites.
Specifying the school's DNS on the router's general setup cuts off all access to Internet AND school sites.
Turning WAN to auto DNS and specifying my school's DNS in the DHCP server puts the router as my PC's DNS server and gives me no access.
Disabling auto DNS and not specifying DNS on the WAN port but leaving the school's DNS in the DHCP gives me no access.
Lastly I enabled DNS Forwarder and put the WAN on auto, which gave me Internet but no school.
To clarify, I did an ipconfig release and renew after each test. When I say Google's DNS I mean 8.8.8.8 and 8.8.4.4. My school's sites are canopy.uc.edu and catalyst.uc.edu (accessible from the Internet if you'd like to try). My school's DNS means 10.25.3.2 and 10.27.3.2.
Thanks in advance for any help. I'll be watching the thread if you need me to try something.
-
Just use the existing DNS Resolver, and add a few host overrides for the internal sites you need access to.
-
So I turned on auto DNS on the WAN port, DNS Forwarder off, and DNS Resolver on with host overrides for the two sites. Internet access and school sites act as if you entered their IP directly (connection not private and no access to services)
-
"Internet access and school sites act as if you entered their IP directly (connection not private and no access to services)"
I'm not sure I'm following you here. Can you give an example of what you're seeing?
-
When I say it works I mean regular access (like just type in google.com). When I say it doesn't work I mean the login pages are replaced with site not found. See attached. Google working. Canopy and catalyst not.
-
I fail to see the relation of your screenshots with DNS.
-
When I manually configure the school's DNS servers on my PC the sites work properly.
-
So what? Does that resolve to something different, or what? Point the entire uc.edu domain to your college servers via overrides.
-
My first guess would be that their pages are using resources on other servers that you do not have a host override for.
-
Yeah as said I'd start with adding a domain override instead.
-
Let me give you more background. I have an ASUS router that for the longest time could not access any school services (exactly as you see in the pictures above). If I used a VPN I could use the school's stuff but it was annoying. I figured out that if I removed Google's DNS from its configuration I could access all the school's services without needing the VPN. Now I am trying to do the same thing with this pfSense router. It won't let me access any of the school's services without me manually configuring the school's DNS servers on each of my clients.
What IP would I use to override? The school has many subdomains and it doesn't make sense to sit here and override each of those.
-
For domain overrides, you just specify the domain and the authoritative server for that domain.
Domain: uc.edu
IP address: LAN IP of school DNS server
Anything about uc.edu will be handled by their DNS.
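
Added example (not part of the thread and not pfSense's own code): a small Python model of the forwarding decision a domain override makes, next to exact-match host overrides, consistent with the guess above that pages pull resources from other uc.edu hosts. The default upstreams and the names login.uc.edu and notuc.edu are constructed for illustration.

```python
# Model of upstream selection with a domain override (illustrative only).
# uc.edu and the school DNS addresses come from the thread; the default
# upstreams and the extra query names are constructed sample values.

DOMAIN_OVERRIDES = {"uc.edu": ["10.25.3.2", "10.27.3.2"]}
HOST_OVERRIDES = {"canopy.uc.edu", "catalyst.uc.edu"}  # the two hosts tried first
DEFAULT_UPSTREAMS = ["8.8.8.8", "8.8.4.4"]  # assumed public forwarders


def normalize(name):
    """Lower-case and strip the trailing root dot so comparisons are stable."""
    return name.strip().rstrip(".").lower()


def upstreams_for(name, overrides=DOMAIN_OVERRIDES, default=DEFAULT_UPSTREAMS):
    """Return the servers a query for `name` would be sent to.

    Matching is on whole labels, longest suffix first, so "notuc.edu" does
    not match "uc.edu" while "a.b.uc.edu" does.
    """
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in overrides:
            return overrides[suffix]
    return default


def covered_by_host_overrides(name, hosts=HOST_OVERRIDES):
    """A host override answers one exact name only; sibling names are not covered."""
    return normalize(name) in hosts


if __name__ == "__main__":
    for q in ["canopy.uc.edu", "login.uc.edu.", "www.google.com", "notuc.edu"]:
        print(f"{q:20} host-override={covered_by_host_overrides(q)!s:5} "
              f"-> {upstreams_for(q)}")
```
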
-
Alright. The override for the domain is set up and everything is working great. Thanks very much!