Netgate Discussion Forum

Force/Redirect DNS queries to 8.8.8.8 to another DNS server (internal or external)

  • L
    lightningbit
    last edited by Nov 8, 2019, 6:13 PM

    Hi,

    I've looked around, but could not find an immediate answer.

    Here is the situation:

    • pfSense DHCP is configured to send/set 2 internal DNS servers for any client on the network to use
    • I have some (home automation) devices on my network with few configuration options (basically set the Wi-Fi name and Wi-Fi passphrase, that's it)
    • which get an IP address from pfSense
    • BUT, they are not using the DNS servers given by my DHCP setup. It seems the vendor is hardcoding the DNS server (in many cases those of Google)

    The question:

    • is there a way to force or redirect any queries arriving on the FW "SOURCEIP -> 8.8.8.8:53"
    • to another DNS server (preferably an internal one, or at minimum, for example, 1.1.1.1)

    Thanks

    • R
      Rai80
      last edited by Rai80 Nov 8, 2019, 8:48 PM Nov 8, 2019, 8:46 PM

      Yes there is! You can use NAT with redirection. Change its destination IP from 8.8.8.8 -> 1.1.1.1 with redirect target IP

      • J
        jimp Rebel Alliance Developer Netgate
        last edited by Nov 8, 2019, 9:19 PM

        https://docs.netgate.com/pfsense/en/latest/dns/redirecting-all-dns-requests-to-pfsense.html

        • L
          lightningbit
          last edited by lightningbit Dec 16, 2019, 10:15 PM Nov 8, 2019, 11:20 PM

          Thanks for the info

          With that, I'll try to figure out my ideal setup:
          I have 2 internal DNS servers,
          x.x.x.12 and x.x.x.13,
          which are allowed to (and will) forward non-internal or local requests to Cloudflare DNS (1.1.1.1, 1.0.0.1).
          The firewall itself is also allowed to forward to Cloudflare DNS.
          All other requests which are not going to one of the internal DNS servers first (like those from devices with hardcoded DNS) should be forced to one of the internal DNS servers.

          Would that also be possible?

          Thanks

          • L
            lightningbit @lightningbit
            last edited by Dec 16, 2019, 10:15 PM

            Has anyone else tried a similar setup before?

            • B
              bcruze
              last edited by Dec 19, 2019, 1:43 PM

              I do this with several devices on my network.

              1. Create static mappings for the devices.
              2. Find the device under Services > DHCP Server > at the bottom of the page, edit the properties of the device > under DNS servers, add whichever DNS server you want. Then apply/apply, and reboot the device.
              • R
                Rai80 @bcruze
                last edited by Dec 19, 2019, 7:11 PM

                @bcruze said in Force/Redirect DNS queries to 8.8.8.8 to another DNS server (internal or external):

                I do this with several devices on my network.

                1. Create static mappings for the devices.
                2. Find the device under Services > DHCP Server > at the bottom of the page, edit the properties of the device > under DNS servers, add whichever DNS server you want. Then apply/apply, and reboot the device.

                This has no effect on hardcoded DNS servers.
                You should use NAT with redirection.
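
Added example (not part of the thread, and not pfSense's generated ruleset): the policy lightningbit describes, written as raw pf rules in the older `rdr`/`nat` syntax used by FreeBSD's pf. The interface name, the firewall's LAN address and the 192.0.2.0/24 addresses (standing in for x.x.x.12 and x.x.x.13) are assumptions.

```pf
# Constructed values, not taken from the thread.
lan_if  = "em1"             # assumption: LAN interface name
lan_net = "192.0.2.0/24"    # assumption: LAN subnet
fw_lan  = "192.0.2.1"       # assumption: firewall's LAN address
dns_int = "192.0.2.12"      # redirect target, placeholder for x.x.x.12

# Both internal resolvers, placeholders for x.x.x.12 and x.x.x.13.
table <internal_dns> const { 192.0.2.12, 192.0.2.13 }

# Translation rules come before filter rules.

# 1. Hairpin NAT. The redirect target sits on the same subnet as the
#    clients, so without this rule it would answer the client directly
#    from 192.0.2.12 and the client, which asked 8.8.8.8, would drop the
#    reply. Rewriting the source to the firewall forces the reply back
#    through the state that undoes the redirect.
nat on $lan_if inet proto { tcp, udp } from $lan_net to $dns_int port 53 -> $fw_lan

# 2. Redirect. Any DNS query entering on the LAN that is neither from nor
#    to an internal resolver is sent to the internal resolver, whatever
#    server the device had hardcoded (8.8.8.8 in the thread).
#    The internal resolvers are excluded as sources so that their own
#    forwarding to Cloudflare is left alone. The firewall's own queries
#    leave via WAN and never match a rule bound to the LAN interface.
rdr on $lan_if inet proto { tcp, udp } from ! <internal_dns> to ! <internal_dns> port 53 -> $dns_int

# 3. Filter rules (evaluated after the redirect has rewritten the
#    destination). Clients may reach the internal resolvers, the internal
#    resolvers may reach Cloudflare, and no other DNS leaves the LAN.
pass  in quick on $lan_if inet proto { tcp, udp } from any to <internal_dns> port 53
pass  in quick on $lan_if inet proto { tcp, udp } from <internal_dns> to { 1.1.1.1, 1.0.0.1 } port 53
block in quick on $lan_if inet proto { tcp, udp } from any to any port 53
```

With the hairpin rule in place, the internal resolver logs the firewall's LAN address as the source of every redirected query, so per-device attribution has to come from the firewall's state or logs. Rules bound to port 53 do not catch DNS over TLS (port 853) or DNS over HTTPS (port 443).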
