Wireguard

netermin · Jun 1, 2021, 5:10 PM

Hello forum friends I have configured a VPN with Wireguard, when I connect to it and I want to access any shared resource on the network by name I get an error, but by IP address if I let me, but if it is a computer on the LAN if I can connect by name, please could you help me solve this dilemma

KOM · Jun 1, 2021, 5:18 PM

@netermin Your problem is that pfSense can't resolve those FQDNs. One solution is to add a domain override to DNS Resolver so that any lookups to anything from that domain will be resolved that the domain's DNS. I do this for my OpenVPN tunnel to work. Any reference to lan.mycompany.com is handled by my company's DNS.

netermin · Jun 1, 2021, 5:26 PM

@kom Friend, how can I add a domain override to DNS Resolver?

KOM · Jun 1, 2021, 5:36 PM

@netermin Services - DNS Resolver. Scroll down to the bottom. It's right there.

netermin · Jun 1, 2021, 6:42 PM

@kom Friend I do not know if that serves me for what I need, the detail is when I'm in VPN and I do \192.168.1.20 takes me to the shared resource but when I do \Testing gives me error.

KOM · Jun 1, 2021, 6:56 PM

@netermin Yes, because pfSense DNS has no idea who \Testing is. If you only need to connect to that one server then you could add a host override to set Testing to its LAN IP over the VPN. If you need to access many different hosts over the VPN then a domain override helps.

netermin · Jun 1, 2021, 7:07 PM

@kom good friend, sorry to bother you so much but could you tell me in this image how to configure it, I have tried several ways and nothing that can access the shared folder of the server by name. Thank you very much!

login-to-view

KOM · Jun 1, 2021, 7:38 PM

@netermin

Host: testing
Domain: Whatever domain you have pfSense configured for, found under System - General Setup - System - Domain
IP Address: the IP address of the testing server, 192.168.1.20
Description: whatever you want or leave it blank

Click Save

Now when you resolve testing, it will return 192.168.1.20

netermin · Jun 1, 2021, 7:49 PM

@kom Amigo, this is how I have configured it and it does not work.

login-to-view

KOM · Jun 1, 2021, 8:04 PM

@netermin What do you get for:

nslookup pruebas

and

nslookup pruebas.pfsense.netermin.com

netermin · Jun 1, 2021, 8:14 PM

@kom When I do nslookup tests, it resolves:

Server: dns.google
Address: 8.8.8.8.8

When I do nslookup tests.pfsense.netermin.com

Server: dns.google
Address: 8.8.8.8.8

KOM · Jun 1, 2021, 8:16 PM

@netermin Your client appears to be using Google for DNS. You can't override that way. Your clients must use pfSense for DNS for overrides to work.

netermin · Jun 1, 2021, 8:23 PM

@kom Would you place as primary DNS the pfsense ip on the network adapters?

KOM · Jun 1, 2021, 9:51 PM

@netermin I don't understand what you mean.

pfSense has 2 DNS systems available, a forwarder and a resolver. Resolver is enabled by default. Your clients should be using pfSense as their DNS, either statically or set via DHCP.

Edit: If you don't want to make any changes to your DNS and you just need access to one or two servers from the one client, you could always edit its hosts file to add those names and point them to their IPs.