Show hostnames in firewall log?

  • Hi I am new to pfSense and really like what it can do. I came from using a Sophos UTM on my home network but had to switch over because I was running up against the 50 IP address limit.

    One of the things I miss about the Sophos was that I could get hostnames in my firewall log. I am running an AD environment and the DC is providing DHCP and DNS. the pfSense FW can ping all my devices by hostname so I am unsure why they do not show in the logs.

    Can anyone tell me if this is possible?



  • Have you tried right clicking on an ip when you are looking at the logs?  There is/used to be/should be an option to resolve/do name lookup on the IP.

  LAYER 8 Global Moderator

    firewall can ping them by host name, like host – or host.domain.tld ?  You sure you not just broadcasting for the netbios name?

    What is pfsense using for dns?  You state your using your DC for dns and dhcp, so where does pfsense point?  To itself using forwarder or resolver?

    If pfsense is using itself which it should be, then you would need an override in the forwarder or resolver depending on which one your using to be able to resolve a fqdn from your AD.

    As you can see in the attachment, pfsense can resolve local names just fine.  If you point it to proper place to resolve them via dns.  You can see my harmonyhub phoning home here.

    Maybe your AD doesn't have the reverse zone setup correctly, or the entries are not being created either by the client or the dhcp server.  Can you query your DC directly for the PTR record?

