Avaliable Packages missing cant seem to find

comet424

im not sure.. i just set it up via the installed for nordvpn and pfsense
but here the other pics you mentions

stephenw10

Ok, so are those DNS server at 103.86.9X.X at your ISP?

If so they are probably not reachable via the VPN. But you have one set explicitly via the VPN and the other does not have a gatreway set so it uses the default route. But that's also the VPN.
Normally the system would use the resolver when can use the VPN but you have set "do not use the resolver for the firewall" so it can only use what's set in System > General.

Undoing any of those things will probably fix this but the least change is to set the pppoe gateway against those DNS servers in System > General. At least as a test.

Steve

comet424

no those are the vpn dns server ones
i followed the instructions here
https://nordvpn.com/tutorials/pfsense/pfsense-openvpn/

stephenw10

Hmm, should be good then. If you do to Diag > DNSlookup does it show success for all entries against pfsense.org?

Steve

comet424

comet424

i tried several google.com nordvpn.com still same error
and cant even ping

yet i have internet so im confused

comet424

frustrating i reboot the pfsense and it works the packages show... and the dns lookups work.. but 5 -10 min after the damn thing is gone and the dnslookup fails... would this be a dns server from the nordvpn being problem or a setting in pfsense

Derelict

Probably the way you have your DNS configured. Hard to say if it's "nordvpn" or not.

Personally, I would not accept a default route from a VPN provider. I would enable Don't pull routes and policy route over the VPN instead.

comet424

oh ok and why is that what does that mean

and ok where i set that...

thank you for all your inputs so far..

stephenw10

It's a setting in the OpenVPN client setup.

Currently when you connect the server pushes a new default route to pfSense which you can see in your routing table.
If you disable that you then have to route traffic you want to use the VPN manually with policy rules. That can still be everything if you need it to be.

You have the option set to 'not use the resolver for the firewall itself' in System > General whcih is why the DNSLookup results only show those two DNS servers. If you unchecked that it would also try the local resolver at 127.0.0.1 which will likely always work and is why you other clients still work.
It's interesting that those servers don;t work though with the default route being over the VPN. Was the VPN connected when you ran those tests?

You could add another DNS server and set the pppoe gateway, say 8.8.8.8, and that will always work.

Steve

comet424

ok hope i did this right... as ill see if it fails lol..seems after 5 10 min yesterday i don't remember as i dosed off and woke up today and couldn't do the packages or the dns lookup all fails.. i reboot and it works..
so here is image.... and i already had the Do not use the DNS Forwarder/DNS Resolver as a DNS server for the firewall already checked off

comet424

the above didn't work i back to blank package manager... and the dns lookup doesn't work again
works right after a reboot but after 2 hours i just re tried and she don't work.. but i have internet etc

comet424

i do notice some websites wont work.. like canadacomputers.com when searching.. doesn't always works times out... even if i turn off and on the OpenVPN client no go.. but when i reboot the pfsense.. the dnslookup works... the package manger works.. and the website for searching computer parts works again.. so i frustrated... i didn't have issues till i installed the squid but i have that uninstalled now... but i cant find why i keep loosing out... if part of the program glitched or its a toggle check box … works for a while after a reboot then stops

stephenw10

So after some time you just see 'no response' from 8.8.8.8 if you run a lookup?

But initially after a reboot all three servers respond?

Odd. Do you see anything blocked in the firewall log on port 53?

Steve

comet424

ill have to take a new pic i lost it but when i do a reboot.. only 2 servers respond on that dnslookup.

right now i cant do a package manger i get no packages again.. i ran dnslook up the 8 8 8 8 responds

i looked at logs no port 53 blocked just other ports it shows

comet424

here is image after i do a reboot i checked package manger and it shows up.. and i took a dnslookup… i find that people say use the filter reload so you don't have to reboot the pfsense computer but i find that does nothing.. a real reboot makes it work for a bit

Derelict

It would help to use name servers that actually respond if you are having DNS issues. Those 103.86.96/99 servers look like they are garbage. Why use them?

johnpoz

@derelict said in Avaliable Packages missing cant seem to find:

Those 103.86.96/99 servers look like they are garbage. Why use them?

Have to HIDE my p0rn surfing from my ISP don't ya know ;) Those are nordvpn dns servers..

Grimson

Just switch to the resolver, it's much more reliable than those NordVPN DNS servers.

comet424

lol haha ya gotta hide the porn.. lol it also for geo location websites i cant access when im in Canada and i want other content
and ya those servers are the nordvpn.. it just started not to long ago this issue

as for the resolver is that the dns resolver ..
this is my setup for that