Help in setting up DNS resolver and NAS on SG 2440

matrixit

I recently moved from Miniwall pfSense router to new SG 2440 router.

Following is what I am trying to achieve (unable to achieve) and need help in it.

1. Unlike Miniwall, SG 2440 don't turn on automatically when I press power 'On' switch. I have to literally remove power cable from SG 2440 (rare) & re-plug it to turn it on. I need to know if there is (a way) any settings which can turn 'On' SG 2440 then moment it detects power in its cord or if I turn on its switch (I am in India and due to Monsoon rains we happen to lose power supply ten times a day and to avoid abrupt shutdown of SG 2440 I turn it off after every power failure in my area).
2. I need to know how to enable fully functional DNS which can resolved my hostnames to IP Addresses and vice versa. I already enabled ‘DNS Forwarder’ service and enable following three options on it.
    Enable DNS forwarder
    DHCP Registration
    Register DHCP static mappings in DNS forwarder
   Still I can’t ping or access any of my device with its hostname. I can ping or access all my devices with its IP Addresses but not with its hostname.

I would be really happy if any one can help me resolve above two issues.

Thanks & Regards,
Asif

johnpoz

Why do you think you need the forwarder?  The resolver is more than capable of resolving your hosts on your network if you create records for them or use dhcp registration, etc.

I would get with support on your sg2440 question, seems odd that doesn't turn on when you press the switch?

If you have lots of power outages, I would get a better ups that provide battery power through the power outage, etc.  Unless your talking days?  If so then get a generator ;)

matrixit

Thanks John,

I disabled DNS forwarder service on my firewall and enabled 'DNS Resolver' service and it started working. Thanks a ton for your help.

I have a Battery backup of 4-6 hours but the problem is I have to reboot my ISP Modem after every power failure followed by pfSense reboot. So instead of rebooting these devices. I just turn them off when power goes off. Are you sure that SG 2440 is set to turn 'On' the moment it detects power supply?

Because its turns 'On' (automatically), if I turn 'Off' (and 'On' abruptly) its switch without giving 'Halt' or 'Reboot' command. However, it doesn't turn 'On' if I give 'Halt' command and turn 'Off' and 'On'. Are you sure that I have to call support for this small issue.

johnpoz

I don't have a sg2440 to verify with.  But pretty every computer can be setup in its bios on what it does on loss of power, does it stay off or turn back on.  You shouldn't have to unplug the power cable that is for sure.

matrixit

When it lose power (when I turn 'Off' without giving 'Halt' or 'Reboot' command) it came back fine after turning on its power switch.

Its an issue when I give a proper 'Halt' command and turn 'Off' its switch. But when I turn 'On' its switch it doesn't power on until I uplug its power cord (from rare) and replug it.

divsys

The behaviour you're describing is typically set in the BIOS "Power loss" settings.
I'm not familiar with the exact sg2440  terminology, but your description would be "Last state" in many BIOS'.
What you probably want is "AC on".

All that said, I've seen cases where the BIOS setting is ignored if you explicitly power the box down (which a proper HALT would do).
In those cases you're stuck with pulling the plug rather than properly shutting down.

Doesn't always give me a warm fuzzy feeling and I try to avoid it, but I haven't managed to mangle a pfSense box past what a power up fsck could fix automatically.

10+ years, 50+ boxes and counting (you realize I just jinxed myself…....)

Edit:
Just remembered a little safer option I've used in the past - do a Reboot from the GUI and/or console and early on while the box is starting (before pfSense loads) pull the plug.  Should eliminate any issue of corrupting the drive during a write.

matrixit

Thanks Divsys and Johnpoz,

I am sure its an issue with Bios setting or this SG 2440 model itself. Because I use to do same thing with my old miniwall pfSense firewall and it use to boot back up well. I will see if I can try some settings with this SG 2440 Bios.

matrixit

I don't know if this is the right way to access Bios but I press 'F12' and option '6' for 'payload' to boot to Bios and following is what I got, where there is no 'Power' option. Could you please tell me how to access BIOS on SG 2440 and modify 'Power Options'? Thanks

Press F12 for boot menu.

Select boot device:

1. USB MSC Drive Generic Ultra HS-COMBO 1.98
2. iPXE (PCI 00:14.0)
3. iPXE (PCI 00:14.1)
4. iPXE (PCI 00:14.2)
5. iPXE (PCI 00:14.3)
6. Payload [setup]

Booting from CBFS…

---

*** Sortbootorder payload    ver 1.1  Sage Electronic Engineering  *

---

flash_address = 0x700000

Type lower case letter to move device to top

boot devices

a  USB 1
  b  USB 2
  c  SATA3 1
  d  SATA3 2
  e  msata
  f  SATA2 1
  g  SATA2 2
  h  SATA2 3
  i  USB-eMMC
  j  PXE 1
  k  PXE 2
  l  PXE 3
  m  PXE 4

Type upper case letter to invoke action

R Restore boot order defaults
  E Exit setup with save
  X Exit setup without save

AR15USR

You don't want the 'Boot Menu' that selects which device/drive to boot from. You want the 'BIOS Setup' menu (mine is F2, yours might be different). It should tell you what to much when you are booting up..

dotdash

I don't know what the switch you are talking about is. For those unfamiliar, there is no switch on the SG-2440, just a power input- like the Alix/APU. Switch on the powestrip? The ones I have here power on when the power strip is flipped on. If you halt them, then you need to unplug the power and plug it back in to get them started again, but I've never seen a problem with restarting after a power outage. And, again for those who don't have the hardware, there is not a full bios with power options on these.

dennypage

@matrixit:

Unlike Miniwall, SG 2440 don't turn on automatically when I press power 'On' switch. I have to literally remove power cable from SG 2440 (rare) & re-plug it to turn it on. I need to know if there is (a way) any settings which can turn 'On' SG 2440 then moment it detects power in its cord

Are you sure you have an SG 2440? There is no power switch on an SG 2440, and the unit comes on immediately when connected to power.

If you explicitly power it off via software, it will stay powered off until power is cycled. If you are using a ups you will want to make sure it the ups is configured to cut power to the load when it shuts down, and brings power back to the load when the mains return.

matrixit

Thanks 'dotdash', that's what happens here. When I gracefully shutdown SG 2440 it doesn't come up online until I unplug and re-plug its power cable.

So, henceforth I will follow 'divsys' and restart my firewall instead of halt and wait for couple seconds before switching 'Off' (that's one hell of idea. Thanks 'divsys').

So, power issue is pretty much resolved here. But I still have issues accessing BIOS settings on SG 2440 and I would really appreciate if someone can guide me in how to get to its BIOS settings.

Also, the DNS resolver which I enabled a day ago doesn't seems to be working with my NAS (seems my wifi and wired devices are not seeing each other).

Following is how I have connected my ‘DSL ISP Modem (WAN port)’, ‘UAC AP Pro (Opt2 port)’ & ‘NAS (Opt1 port)’ to ‘SG 2440’.

---

|               |
|      ISP Modem       |
                | Connected at Wan  |
||
      |
      |
      |
|
|               |
|        SG 2440        |
|| 
                        |  |                                  __________________
                      |  |           |                   |
                      |  ||   NAS           |
                      |           |  Connected at Opt1  |
                      |           ||
                      |
|_________
|      UAC AP Pro        |
|  Connected at Opt2  |
|_________________|

I am able to communicate (access and ping) to & from my wifi devices (which are behind AP). However, unable to ping or access NAS IP/hostname. Though all leases are still handled by DHCP of 'SG 2440' and its leasing out proper IP to NAS as well as showing NAS to be online in ‘DHCP Status’ page. But can’t ping or access NAS.

I even connected my laptop directly to ‘LAN port’ of ‘SG 2440’ and tried pinging NAS and its not pinging or accessible. At same time I also tried ping to my wifi device from my wired Laptop and none of my wifi devices were accessible. I was able to access internet without any issue from wired or wifi (from laptop). However, it seems my wifi devices are not seeing my NAS and vice versa.

Can someone help me resolve this issue? Thanks.

Note (for all): There is no switch at SG 2440, when I mention switch it was that 'On'/'Off' switch where cord is plugged.

matrixit

@matrixit:

Thanks 'dotdash', that's what happens here. When I gracefully shutdown SG 2440 it doesn't come up online until I unplug and re-plug its power cable.

So, henceforth I will follow 'divsys' and restart my firewall instead of halt and wait for couple seconds before switching 'Off' (that's one hell of idea. Thanks 'divsys').

So, power issue is pretty much resolved here. But I still have issues accessing BIOS settings on SG 2440 and I would really appreciate if someone can guide me in how to get to its BIOS settings.

Also, the DNS resolver which I enabled a day ago doesn't seems to be working with my NAS (seems my wifi and wired devices are not seeing each other).

Following is how I have connected my ‘DSL ISP Modem (WAN port)’, ‘UAC AP Pro (Opt2 port)’ & ‘NAS (Opt1 port)’ to ‘SG 2440’.

---

|                              |
      |      ISP Modem        |
      |  Connected at Wan  |
      ||
                |
                |
                |
      |_
      |                      |
      |        SG 2440  |
      |_____________| 
                        |  |                              __________________
                        |  |                              |                              |
                        |  ||          NAS              |
                        |                                  |  Connected at Opt1  |
                        |                                  ||
                        |
      ___|
      |      UAC AP Pro        |
      |  Connected at Opt2  |
      ||

I am able to communicate (access and ping) to & from my wifi devices (which are behind AP). However, unable to ping or access NAS IP/hostname. Though all leases are still handled by DHCP of 'SG 2440' and its leasing out proper IP to NAS as well as showing NAS to be online in ‘DHCP Status’ page. But can’t ping or access NAS.

I even connected my laptop directly to ‘LAN port’ of ‘SG 2440’ and tried pinging NAS and its not pinging or accessible. At same time I also tried ping to my wifi device from my wired Laptop and none of my wifi devices were accessible. I was able to access internet without any issue from wired or wifi (from laptop). However, it seems my wifi devices are not seeing my NAS and vice versa.

Can someone help me resolve this issue? Thanks.

Note (for all): There is no switch at SG 2440, when I mention switch it was that 'On'/'Off' switch where cord is plugged.

matrixit

is there nobody in forum who can guide me to resolve this issue?

johnpoz

resolve what issue.. you can not resolve local fqdn?

Did you set the resolver to register dhcp leases. Did you setup a host override?

Lets have some examples.  What is the IP address of your nas?  What should its fqdn be?  When you query pfsense via your fav dns tool, nslookup, dig, drill, host for that fqdn what do you get in response.

For example my file server is called storage.  I can ping it and resolve its fqdn, even just its hostname resolves.

C:\

dig storage.local.lan

; <<>> DiG 9.10.4-P2 <<>> storage.local.lan
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49654
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;storage.local.lan.            IN      A

;; ANSWER SECTION:
storage.local.lan.      3600    IN      A      192.168.9.8

;; Query time: 1 msec
;; SERVER: 192.168.9.253#53(192.168.9.253)
;; WHEN: Wed Aug 03 15:27:26 Central Daylight Time 2016
;; MSG SIZE  rcvd: 62

C:\

dig storage

; <<>> DiG 9.10.4-P2 <<>> storage
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29209
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;storage.                      IN      A

;; ANSWER SECTION:
storage.                3600    IN      A      192.168.9.8

;; Query time: 1 msec
;; SERVER: 192.168.9.253#53(192.168.9.253)
;; WHEN: Wed Aug 03 15:27:29 Central Daylight Time 2016
;; MSG SIZE  rcvd: 52

C:\

ping storage.local.lan

Pinging storage.local.lan [192.168.9.8] with 32 bytes of data:
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.9.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\

ping storage

Pinging storage.local.lan [192.168.9.8] with 32 bytes of data:
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128
Reply from 192.168.9.8: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.9.8:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\

matrixit

Thanks Johnpoz for replying. I already did what you are asking. read my initial post and you will know all that is already enabled in DNS Resolver.

I can ping to all my wifi devices which is connected via Unifi AC AP Pro. It seems pinging between hosts connected at all three ports of SG 2440 is a problem.

I tried pluging laptop to lan and another laptop to opt1 and it was not pinging each other. Though both of them were getting internet access and were assigned proper IP. If I plug same two laptop to Wifi network of AP it works well and they can ping.

Btw, I have bridged "Lan, opt1 & opt2" ports and have enabled DHCP with 10.11.11.1/24 via bridged interface.

It seems devices are each port are not recognising each other.

johnpoz

Oh my Fing gawd…

You didn't do what I asked at all - did you post up what I asked for - NO..

You don't need pfsense you need a switch if your just going to put all your boxes on the same layer2..

matrixit

Hi Johnpoz,

I am sorry, here is the output you asked for.

C:\Windows\system32>ping android-bbb2e5dd0de8ad82

Pinging android-bbb2e5dd0de8ad82.SG2440.local [10.11.11.102] with 32 bytes of data:
Reply from 10.11.11.102: bytes=32 time=105ms TTL=64
Reply from 10.11.11.102: bytes=32 time=118ms TTL=64
Reply from 10.11.11.102: bytes=32 time=7ms TTL=64
Reply from 10.11.11.102: bytes=32 time=31ms TTL=64

Ping statistics for 10.11.11.102:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 7ms, Maximum = 118ms, Average = 65ms

C:\Windows\system32>dig android-bbb2e5dd0de8ad82

; <<>> DiG 9.10.4-P2 <<>> android-bbb2e5dd0de8ad82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26382
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;android-bbb2e5dd0de8ad82.      IN      A

;; AUTHORITY SECTION:
.                      3580    IN      SOA    a.root-servers.net. nstld.verisign-grs.com. 2016080301 1800 900 604800 86400

;; Query time: 328 msec
;; SERVER: 10.11.11.1#53(10.11.11.1)
;; WHEN: Thu Aug 04 17:07:57 India Standard Time 2016
;; MSG SIZE  rcvd: 128

C:\Windows\system32>dig nas

; <<>> DiG 9.10.4-P2 <<>> nas
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43276
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;nas.                          IN      A

;; AUTHORITY SECTION:
.                      3571    IN      SOA    a.root-servers.net. nstld.verisign-grs.com. 2016080301 1800 900 604800 86400

;; Query time: 328 msec
;; SERVER: 10.11.11.1#53(10.11.11.1)
;; WHEN: Thu Aug 04 17:08:06 India Standard Time 2016
;; MSG SIZE  rcvd: 107

C:\Windows\system32>dig nas.sg2440.local

; <<>> DiG 9.10.4-P2 <<>> nas.sg2440.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53750
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;nas.sg2440.local.              IN      A

;; ANSWER SECTION:
nas.sg2440.local.      3600    IN      A      10.11.11.110

;; Query time: 1 msec
;; SERVER: 10.11.11.1#53(10.11.11.1)
;; WHEN: Thu Aug 04 17:16:28 India Standard Time 2016
;; MSG SIZE  rcvd: 61

C:\Windows\system32>ping nas.sg2440.local

Pinging nas.sg2440.local [10.11.11.110] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.11.11.110:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Windows\system32>

Also, attaching my Bridged interface status with DHCP Leases status.

Again, its seems devices at each port are not recognising devices connected at other port.

Awaiting your suggestions…


matrixit

Thanks all for your help. However, none of the steps were able to resolve my issue.

Here is the link I followed to resolve my issue
http://www.cyberciti.biz/faq/how-to-pfsense-configure-network-interface-as-a-bridge-network-switch/

This can be closed now.

Thanks.