Potential DNS Rebind Attack Detected when connecting to local server through VPN
-
I have a VLAN setup that uses the OpenVPN client connected to PIA. Everything works perfect except for one thing. When I try and connect to a NextCloud server hosted on a differt VLAN I get the pfSense web page: Potential DNS Rebind Attack Detected.
I don't see how this could happen. I try and connect to https://me.duckdns.org
1: The VLAN gets PIA DNS servers from pfSense DHCP Server. The DNS queries should go out through the VPN like any other traffic. And when I check for DNS leaks all I see are PIA DNS Servers. So I should be getting the WAN IP address.
2: If I ping the NextCloud server it pings the WAN IP. So it doesn't seem to be cached somewhere to the local IP.
- The request to NextCloud should go out through the VPN too, and then come back to my IP from a PIA address, and everything should work. But it doesn't. Where is this breaking down?
-
"3) The request to NextCloud should go out through the VPN too, and then come back to my IP from a PIA address, and everything should work. But it doesn't. Where is this breaking down?
"Why would you want it to work that way.. So you want to send traffic for a server on a vlan on your own local network out to the internet, and than back in through your wan.. Not very efficient. Why not just let this server access the nextcloud directly?
-
Good question. Yes, it's not optimal. Very very little traffic though. I do have a host override, so anything that goes through pfsense for DNS will get the local IP. I haven't figured out how to do this on the VPN. It's basically a wifi VPN, so the hosts are things like iphones and androids. Since they don't go to pfsense for dns, they don't get the host override. And, I haven't figured out how to override it locally on the devices themselves.
