DNS_PROBE_FINISHED_BAD_CONFIG
-
Your best bet is probably the university support line.
As far as I know my university doesn't allow all DNS servers and in their setup guide they just tell the user to select "obtain DNS automatically".
So did you do that or did you define DNS servers in System > General ?
It looks like you both defined google DNS and set gateways on them.
What do you get in Diagnostics > DNS Lookup for something like www.cnn.com?
-
@derelict we don't have a support line, we have some ppl who are called "admins" but all they do is add your device to the database, so you aren't blocked out.
I added the DNS servers I have on my laptop (which uses wifi and wasn't connected to pfsense) and i tried Google's DNS servers. But that didn't help.
At the moment there is no DNS server in "general settings"I got to get this running on the university's network (https://wiki.archlinux.org/index.php/Internet_sharing) and I was hoping if this works then it can't be that much more difficult to get pfsense running
-
What do you get in Diagnostics > DNS Lookup for something like www.cnn.com?
-
What shows for WAN in Status > Interfaces?
-
I think every device registered in the network is given a DNS Server. I'll do some more research on that. But my idea would be to put that DNS server in "General Settings" and then (in theory) the DNS problem should be gone right?
DNS Lookup cnn.com:
Status > interfaces:
Status -> Systemlogs -> System -> gateways:
Last 50 Firewall Logs: https://hastebin.com/oyijijamix.nginx
-
@sashpta said in DNS_PROBE_FINISHED_BAD_CONFIG:
I think every device registered in the network is given a DNS Server. I'll do some more research on that. But my idea would be to put that DNS server in "General Settings" and then (in theory) the DNS problem should be gone right?
What you have looks like it is working but those error: 65 messages indicate the connection is pretty unreliable.
Here is the list of things to check:
https://www.netgate.com/docs/pfsense/routing/no-buffer-space-available.html
In a nutshell, it means that your WAN is down at the time.
-
Error 65 seems to be fixed now.
I assume I connected the wrong cable at some point and then the internet is blocked since it thinks it's an unregistered device...
That is fixed nowI found out which "DNS name" is listed in the university's network database for the machine that's running pfsense.
I guess I can try to add that...
I also have the option to "Remove IPv6 Autoconf Address for DNS" in the terminal of my university's network
("This setting is about whether our DNS server returns the IPv6 autoconf address of your device to the other devices. They use this information when contacting your device")But the dns error is still there...
Dns lookup now is also different
-
uhm, so the DNS-Server that's listed in the Database can't be used. Since it's an IPv6 address.
on my desktop I have this as DNS, can we somehow get something similar to pfsense?# Generated by NetworkManager search fem.tu-ilmenau.de net.fem.tu-ilmenau.de nameserver 192.168.82.252 nameserver 192.168.82.251 nameserver fd66:656d:0:82::2 # NOTE: the libc resolver may not support more than 3 nameservers. # The nameservers listed below may not be recognized. nameserver fd66:656d:0:82::3 -
If you absolutely have to use only certain name servers (192.168.82.251 and 192.168.82.252) then you need to use either the DNS forwarder or DNS resolver in forwarding mode. Else the DNS resolver will try to do just that - resolve names using all DNS servers configured in the zone (NS records) being queried from the roots down.
I would try unchecking DNSSEC and checking forwarding mode in the DNS resolver settings and see if that helps.
-
@derelict Thank you, I'll try that.
Unfortunately, I am not at home for a week, but when I am back, I'll try your solution and give you an update.
