iPhone DNS - pfSense

  • Hi all,

    Long-time reader, first-time poster. Please be gentle.

    We are presently trialling pfSense as a wireless network controller in our organisation.

    We have it up and running with captive portal, authenticating against our radius server.

    So far so good.

    We have a number of web-based applications that we would like to publish to the wireless network. They are hosted on 2K3 boxes with dual NICs, one to our internal network and one to the wireless network.

    I have placed an entry in DNS Forwarder so that a clean address (e.g. http://testsite) redirects to the IP address of the webserver.

    If I connect to the wireless via a laptop I can get to the site via the DNS address. All works fine.

    DNS is handed out to our users via DHCP.

    If I try to connect via an iPhone 3G with 2.2 firmware, I can get to the captive portal and authenticate with no problems. All external web traffic works fine; however, the internal DNS entries, e.g. http://testsite, do not resolve. I can see the website via its IP, so it's not a connectivity issue.

    Does anyone know what I might be doing wrong? Am I missing something or is the iPhone DNS just screwy!!

    For everyone's info, we're running pfSense 1.2.1 RC2. The DNS server that is issued to clients is the IP of the pfSense box. The domain is just .local.

    If you need any other info please let me know.

    Appreciate any help.

  • Could it be that the iPhone extends all the names you enter with "www."?
    For this case you would need another entry, as in the screenshots in this post: http://forum.pfsense.org/index.php/topic,9440.msg53554.html#msg53554

  • @GruensFroeschli:

    Could it be that the iPhone extends all the names you enter with "www."?

    Assuming the iPod touch uses the same bytes as the iPhone, then no, it doesn't append "www." on its own.
    Just checked by connecting to http://wrt54gl in the same subnet.
    Name resolution is done by pfSense.

    Check the DNS the iPhone uses. Does ping work (there's a free ping tool in the AppStore…)?

  • I've made a test on my local network. I've made a domain name in Plesk (a domain that does not exist) and, like you, I cannot access it, only via IP. I think that the iPhone has a different way of resolving DNS.

  • Since I received my iPhone recently I was able to check it with that device as well.
    Ping and HTTP work flawlessly, given the right DNS.

    AP is WRT54GL connected to a pfSense OPT IF, DNS is the standard forwarder from pfSense which is correctly shown on the WLAN setup screen.
    What does your iPhone show as DNS?

  • Hi,

    I'm facing the same problem.

    Here's what I found using tcpdump:
    17:46:33.675662 IP > 0 A (QM)? dev.local. (27)

    The IP is related to Multicast DNS (http://www.multicastdns.org/).
    No idea what to do with it.

    Edit: Maybe this link can help: http://support.apple.com/kb/HT2385?viewlocale=en_US

  • Since the iPhone is from Apple, I suppose it will, if there is no DNS server configured, fall back to multicast DNS as specified in zeroconf/Bonjour.
    Have you tried to force a DNS server by hand?

  • Hi, thanks for replying.

    Since then I discovered that the new 10.6 version of Mac OS X has the exact same behaviour.
    I did try to set up the network settings manually, but unfortunately the issue still exists.

    I found this thread explaining that the base of the problem is the ".local" TLD used in our LAN. It is used by the "Bonjour" protocol.

    I am going to change my LAN TLD into something not used by some fancy protocol (like ".lan" or something).

    I'll keep in touch.
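
Added example, not part of the thread: a short Python sketch that decodes the question section of a query like the `dev.local.` one in the tcpdump line above (27 bytes, type A, QM) and flags DNS Forwarder host overrides that fall under `.local`, the domain RFC 6762 reserves for multicast DNS. The function names and the `testsite.lan` entry are assumptions made for illustration.

```python
import struct

def build_query(name, qtype=1, unicast_response=False):
    """Build a one-question query with ID 0 and no flags (constructed sample)."""
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    qclass = 1 | (0x8000 if unicast_response else 0)  # class IN, top bit = QU
    return header + labels + b"\x00" + struct.pack("!2H", qtype, qclass)

def parse_question(msg):
    """Decode the first question of a DNS message (uncompressed names only)."""
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        length = msg[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compressed name not supported")
        labels.append(msg[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!2H", msg[pos:pos + 4])
    # tcpdump prints QM when the top bit of the class field is clear, QU when set
    return {"name": ".".join(labels) + ".", "qtype": qtype,
            "kind": "QU" if qclass & 0x8000 else "QM"}

def uses_mdns(name):
    """True for names under .local, which RFC 6762 reserves for multicast DNS."""
    n = name.rstrip(".").lower()
    return n == "local" or n.endswith(".local")

def overrides_missed_by_mdns_clients(hostnames):
    """Host overrides that an mDNS-aware client may never ask the forwarder for."""
    return [h for h in hostnames if uses_mdns(h)]

if __name__ == "__main__":
    query = build_query("dev.local")
    print(len(query), parse_question(query))
    # Constructed override list; only dev.local appears in the thread.
    print(overrides_missed_by_mdns_clients(["dev.local", "testsite.lan"]))
```

Running the audit function over the forwarder's override list before and after renaming the LAN domain shows which names Bonjour-capable clients would still send to multicast instead of to pfSense.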
