Avaliable Packages missing cant seem to find
-
Hmm, should be good then. If you do to Diag > DNSlookup does it show success for all entries against pfsense.org?
Steve
-
-
i tried several google.com nordvpn.com still same error
and cant even pingyet i have internet so im confused
-
frustrating i reboot the pfsense and it works the packages show... and the dns lookups work.. but 5 -10 min after the damn thing is gone and the dnslookup fails... would this be a dns server from the nordvpn being problem or a setting in pfsense
-
Probably the way you have your DNS configured. Hard to say if it's "nordvpn" or not.
Personally, I would not accept a default route from a VPN provider. I would enable Don't pull routes and policy route over the VPN instead.
-
oh ok and why is that what does that mean
and ok where i set that...
thank you for all your inputs so far..
-
It's a setting in the OpenVPN client setup.
Currently when you connect the server pushes a new default route to pfSense which you can see in your routing table.
If you disable that you then have to route traffic you want to use the VPN manually with policy rules. That can still be everything if you need it to be.You have the option set to 'not use the resolver for the firewall itself' in System > General whcih is why the DNSLookup results only show those two DNS servers. If you unchecked that it would also try the local resolver at 127.0.0.1 which will likely always work and is why you other clients still work.
It's interesting that those servers don;t work though with the default route being over the VPN. Was the VPN connected when you ran those tests?You could add another DNS server and set the pppoe gateway, say 8.8.8.8, and that will always work.
Steve
-
ok hope i did this right... as ill see if it fails lol..seems after 5 10 min yesterday i don't remember as i dosed off and woke up today and couldn't do the packages or the dns lookup all fails.. i reboot and it works..
so here is image.... and i already had the Do not use the DNS Forwarder/DNS Resolver as a DNS server for the firewall already checked off
-
the above didn't work i back to blank package manager... and the dns lookup doesn't work again
works right after a reboot but after 2 hours i just re tried and she don't work.. but i have internet etc -
i do notice some websites wont work.. like canadacomputers.com when searching.. doesn't always works times out... even if i turn off and on the OpenVPN client no go.. but when i reboot the pfsense.. the dnslookup works... the package manger works.. and the website for searching computer parts works again.. so i frustrated... i didn't have issues till i installed the squid but i have that uninstalled now... but i cant find why i keep loosing out... if part of the program glitched or its a toggle check box … works for a while after a reboot then stops
-
So after some time you just see 'no response' from 8.8.8.8 if you run a lookup?
But initially after a reboot all three servers respond?
Odd. Do you see anything blocked in the firewall log on port 53?
Steve
-
ill have to take a new pic i lost it but when i do a reboot.. only 2 servers respond on that dnslookup.
right now i cant do a package manger i get no packages again.. i ran dnslook up the 8 8 8 8 responds
i looked at logs no port 53 blocked just other ports it shows
-
here is image after i do a reboot i checked package manger and it shows up.. and i took a dnslookup… i find that people say use the filter reload so you don't have to reboot the pfsense computer but i find that does nothing.. a real reboot makes it work for a bit
-
It would help to use name servers that actually respond if you are having DNS issues. Those 103.86.96/99 servers look like they are garbage. Why use them?
-
@derelict said in Avaliable Packages missing cant seem to find:
Those 103.86.96/99 servers look like they are garbage. Why use them?
Have to HIDE my p0rn surfing from my ISP don't ya know ;) Those are nordvpn dns servers..
-
Just switch to the resolver, it's much more reliable than those NordVPN DNS servers.
-
lol haha ya gotta hide the porn.. lol it also for geo location websites i cant access when im in Canada and i want other content
and ya those servers are the nordvpn.. it just started not to long ago this issueas for the resolver is that the dns resolver ..
this is my setup for that
-
Well your clients might be using pfsense, which pfsense resolves. But from your dns diag output you don't have pfsense pointing to itself (resolver)
So it has to use whatever shitty dns you tell it to use, like those nordvpn servers that don't answer or answer in 200+ ms
Just let pfsense point to itself - loopback 127.0.0.1, and NOTHING else and yes have the resolver enabled and NOT in forwarder mode and you should be good and pfsense can find anything it needs to find to update itself.
If you want some clients to use your vpn dns - then point to them on the client side, etc.
-
@comet424 said in Avaliable Packages missing cant seem to find:
it just started not to long ago this issue
Then contact their support if their DNS servers are flaky, maybe they forgot to update the DNSSEC root key.
-
Good luck them even knowing what that is ;)