Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help Logging into Dashboard using Domain

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 2 Posters 719 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ARAMP1A Offline
      ARAMP1
      last edited by

      I'm not sure what I did, but for some reason I can now only log into my pfSense router dashboard from inside my network using my 192 IP address and not my domain (https://pfsense.XXXXXXdomain/). I've turned off Squid and pfBlocker thinking it might be something with those, but no luck. Any ideas?

      1 Reply Last reply Reply Quote 0
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator
        last edited by

        So your saying that your fqdn pfsense.XXXXXXdomain doesn't resolve? Or resolves to the wrong IP.

        Is your client using pfsense for dns?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        1 Reply Last reply Reply Quote 1
        • ARAMP1A Offline
          ARAMP1
          last edited by

          Ah, didnt even think about the DNS server. It just doesnt resolve...using 1.1.1.1 now. I'll change it when I get home from work to see if thats it.

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ Online
            johnpoz LAYER 8 Global Moderator @ARAMP1
            last edited by

            @aramp1

            Well if you tell your client to use 1.1.1.1 then no its not going to be able to resolve some private domain you gave to pfsense..

            Have you client use pfsense, have pfsense forward to 1.1.1.1 if that is what your network to use.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

            1 Reply Last reply Reply Quote 1
            • ARAMP1A Offline
              ARAMP1
              last edited by

              It seems so simple i actually feel like an idiot for not thinking about it.

              Weird thing is, it worked sometimes. Sometimes it wouldn't and I'd come back in a few minutes and it'd be good.

              Appriciate the help!

              1 Reply Last reply Reply Quote 0
              • johnpozJ Online
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz

                Did you have client pointing to multiple nameservers?

                Having your client say with

                192.168.1.1 (pfsense - local dns)
                8.8.8.8 (googledns - public dns)

                This is common mistake made... I see it ALL the time!!! Users do not seem to grasp that a client doesn't ask both, or move to the next one when NX returned, etc.

                While you might list your ns in order on your client. You really can not be sure which nameserver a client might ask for any given query. Sure if one does not answer with specific time period for a query, the client will ask the other listed ns. And once a client gets answers from 1 it stick to that one..

                So if you ask google for pfsense.localdomain.tld your going to get back NX.. Once a client gets back NX it will not go ask other ns for that since it was told - hey doesn't exist. Doesn't make any sense to bug the other NS for something that clearly does not exist. It will not ask again until the neg ttl expires on that NX.

                While you can point your clients to multiple NS.. They all need to be able to resolve the same stuff! So if you want to point to google and opendns and 1.1.1.1 ok sure - they should all be able to resolve www.publicdomain.com

                But using even different public that provide different blocking features can get you in trouble. While opendns might block xyz, maybe googledns allows it, etc. Which one is your client going to be asking? You can not be sure.

                Listing internal and external dns is going to cause you grief for sure. All your nameservers listed on your client should be able to resolve the same stuff. So sure you can run multiple internal NS that can all resolve any internal stuff, and then forward/resolve to get the public stuff. If 1 is down - no answer at all (ie timeout) then yes client will ask other one. Your fine here since no matter what NS you ask you are sure you will get the same answer.

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.