Access host on the LAN using public IP
-
@johnpoz I am using Forwarder (dnsmasq).
All is configured, but the PF is still responding with the value from public DNS rather than from the overwrite entry. See screenshot:
-
@johnpoz Yeah, I need to be more verbose next time; I was in a hurry because a customer entered my store at that moment. What I meant is you need one of the options on that link, NAT reflection or split DNS, but it's well documented that split DNS is the best course of action.
-
Well, you're not asking pfSense - so why would you think it would reply with your override?
Your override is not on freaking Google's DNS servers for gosh sake!
-
kiokoman@nanto:~$ dig @172.17.0.254 -p110 any ilive.demb.ca
;; Connection to 172.17.0.254#110(172.17.0.254) for ilive.demb.ca failed: timed out.
; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> @172.17.0.254 -p110 any ilive.demb.ca
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21705
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ilive.demb.ca. IN ANY
;; ANSWER SECTION:
ilive.demb.ca. 1 IN A 192.168.10.10
;; Query time: 3 msec
;; SERVER: 172.17.0.254#110(172.17.0.254)
;; WHEN: gio mar 19 19:17:56 CET 2020
;; MSG SIZE rcvd: 58
dig @ pfsense-ip !!
and your PC needs to use pfSense as DNS server and only that
-
@johnpoz Man, you need to better pay attention to questions. I am asking PF, but for some reason, it is forwarding the request to upstream DNS, instead of returning the value from the overwrite table.
-
@michaeldemb said in Access host on the LAN using public IP:
you need to better pay attention to questions
You are NOT asking pfSense - it's right there in front of you!!
You clearly have set pfSense to ask Google - it doesn't do that out of the box... Set pfSense to ask itself, which is the default! And then test your override asking it..
-
@johnpoz PF is set as my default DNS. It is configured with DNS forwarder that goes to Google. So yes I am asking PF, but it is just forwarding to Google.
-
@michaeldemb said in Access host on the LAN using public IP:
So yes I am asking PF, but it is just forwarding to Google
NO you're NOT.. Your queries were direct to 8.8.8.8 - it's right there in your screenshots!!
-
If it's not like the screenshot of johnpoz, check these options
-
@michaeldemb Best you start with a fresh pfSense...
-
@kiokoman Thanks, this is it. Also Override is working now. PF simply had cached DNS and was returning the old values. All is working now.
-
No, it had not cached DNS.. Once you set an override any "cached" records would have been overwritten since the act of creating a host override restarts the DNS service.. You were not pointing to pfSense for DNS..
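-
The question argued through this thread is which resolver actually answered. The following is an added example, not part of any post above: it reads the `SERVER:` line of saved dig output and checks that the reply came from the intended resolver and carried the override address. The function name, its parameters and the sample text are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample, modelled on the dig output posted earlier in the thread.
SAMPLE_DIG = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21705
;; QUESTION SECTION:
;ilive.demb.ca.        IN  A
;; ANSWER SECTION:
ilive.demb.ca.    1    IN  A   192.168.10.10
;; Query time: 3 msec
;; SERVER: 172.17.0.254#110(172.17.0.254)
"""

# "SERVER:" names the resolver that actually produced the reply.
SERVER_RE = re.compile(r"^;; SERVER: ([0-9A-Fa-f.:]+)#\d+", re.M)
# Answer records only: question lines start with ';' and carry no TTL.
A_RE = re.compile(r"^([^;\s]\S*)[ \t]+\d+[ \t]+IN[ \t]+A[ \t]+(\S+)[ \t]*$", re.M)


def check_override(dig_text, expected_resolver, name, override_ip):
    """Say which resolver answered and whether it served the host override."""
    m = SERVER_RE.search(dig_text)
    if not m:
        return {"ok": False, "reason": "no SERVER line; query failed or output trimmed"}
    server = m.group(1)
    if ipaddress.ip_address(server) != ipaddress.ip_address(expected_resolver):
        return {"ok": False, "server": server,
                "reason": f"answered by {server}, not {expected_resolver}"}
    fqdn = name.rstrip(".").lower() + "."
    addrs = [a for n, a in A_RE.findall(dig_text) if n.lower() == fqdn]
    if not addrs:
        return {"ok": False, "server": server, "reason": "no A record for name"}
    if any(ipaddress.ip_address(a) != ipaddress.ip_address(override_ip) for a in addrs):
        return {"ok": False, "server": server, "addrs": addrs,
                "reason": "resolver answered without the override"}
    return {"ok": True, "server": server, "addrs": addrs, "reason": "override served"}


if __name__ == "__main__":
    print(check_override(SAMPLE_DIG, "172.17.0.254", "ilive.demb.ca", "192.168.10.10"))
```

Run it on dig output captured without an explicit `@server` to see which resolver the client uses by default.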