Local Domain computers cannot access internet. Anything else set to static can
-
I tried to search this issue, but I'm certain I'm not using the correct terms. Cannot figure out why anything on the domain is not getting out to the internet. Anything not on the domain can get out to the internet.
I have a pfSense SG-4860.

WAN
71.214.257.76
255.255.255.252 (assigned) by ISP

LAN
192.168.1.2
255.255.255.0
192.168.1.0 subnet

DHCP
Range 192.168.1.75-192.168.1.254 for mobile devices, etc.
DNS: 192.168.1.4 / 192.168.1.3

Server 2012 AD DHCP/DNS #1 Replication good to #2
192.168.1.4 Static
DNS 192.168.1.3 / 127.0.0.1

Server 2012 AD DHCP/DNS #2 Replication good to #1
192.168.1.3 Static
DNS 192.168.1.4 / 127.0.0.1

DNS on both servers point to:
ISP DNS Server 1, let's just say 44.44.74.74
ISP DNS Server 2, let's just say 44.44.75.75
then 8.8.8.8 as backup
-
Well, what are your LAN rules?
Are you allowing outbound for DNS TCP and UDP 53?
Your clients point to your AD DNS that forwards to your ISP. So if your AD DNS cannot get on the internet, what is their gateway? pfSense, I would assume, and what are your LAN rules? By default they would be any any. Can your DNS servers directly query DNS, say your ISP or Google, from nslookup or dig or whatever your favorite DNS tool is?
Example:

C:>nslookup
Default Server: pfsense.local.lan
Address: 192.168.9.253

> server 8.8.8.8
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8

> www.google.com
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Non-authoritative answer:
Name: www.google.com
Addresses: 2607:f8b0:4009:80f::2004
           172.217.1.36
-
Your question about the gateway led me in the right direction. I had not set the correct gateway on the DNS Server. Silly oversight on my part. Thanks for the tip off!
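
The checks suggested in the reply (gateway first, then direct queries to the forwarders over UDP and TCP 53) can be scripted so they run the same way on both DNS servers. This is an added example, not code from any poster in the thread; it assumes an elevated PowerShell 3.0+ session on a Server 2012 DNS server with the DnsServer module, and reuses www.google.com from the reply as the test name.

```powershell
# Added example: run locally on each AD DNS server.
$testName = 'www.google.com'   # same name queried in the reply's nslookup session

# 1. Is there an IPv4 default route, and does its next hop (the firewall's LAN address) answer?
$defaultRoutes = Get-NetRoute -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue
if (-not $defaultRoutes) {
    Write-Warning 'No default gateway configured: forwarders outside the LAN subnet are unreachable.'
} else {
    foreach ($route in $defaultRoutes) {
        # A failed ping is a hint only; the firewall may drop ICMP while still routing.
        $alive = Test-Connection -ComputerName $route.NextHop -Count 2 -Quiet
        '{0}: gateway {1} answers ping: {2}' -f $route.InterfaceAlias, $route.NextHop, $alive
    }
}

# 2. Which upstream resolvers is the DNS Server role configured to forward to?
$forwarders = (Get-DnsServerForwarder).IPAddress | ForEach-Object { $_.IPAddressToString }
if (-not $forwarders) { Write-Warning 'No forwarders configured; the server relies on root hints.' }

# 3. Query each forwarder directly, bypassing the local DNS service.
#    The default query starts with UDP; -TcpOnly forces TCP 53, so both firewall rules get tested.
$results = foreach ($fwd in $forwarders) {
    foreach ($transport in 'UDP', 'TCP') {
        $params = @{ Name = $testName; Server = $fwd; Type = 'A'; DnsOnly = $true; ErrorAction = 'Stop' }
        if ($transport -eq 'TCP') { $params.TcpOnly = $true }
        try {
            $null = Resolve-DnsName @params
            $status = 'OK'
        } catch {
            $status = "FAILED: $($_.Exception.Message)"
        }
        [pscustomobject]@{ Forwarder = $fwd; Transport = $transport; Result = $status }
    }
}
$results | Format-Table -AutoSize
```

A missing default route combined with failures for every forwarder matches the cause found in this thread; a working gateway with failures on only one transport points at the firewall's LAN rules instead.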