NAT port forwarding



  • Dear Sir
    We are using pfSense ver.2.3.3 in our office. We are able to do the internet through pfSense without any problem. The problem I’m facing is that I am not able to redirect my packet to open DNS for content filtering. I have configured Dynamic DNS and it’s working fine. The cached IP is showing green. I have configured NAT as port forwarding. But my redirected packet is not reaching to open DNS at all. Even the open DNS link is also saying that my packet is not redirecting there. I want to redirect my all packets to the open DNS for content filtering all. Please help me how can I redirect the packet to open DNS.
    Thanks in advance.
    Surajit Chakraborty
    ![dynamic dns1.png](/public/imported_attachments/1/dynamic dns1.png)
    ![dynamic dns1.png_thumb](/public/imported_attachments/1/dynamic dns1.png_thumb)
    ![dynamic dns2.png](/public/imported_attachments/1/dynamic dns2.png)
    ![dynamic dns2.png_thumb](/public/imported_attachments/1/dynamic dns2.png_thumb)




  • Banned

    You are forwarding DNS request targeting your WAN interface to OpenDNS, this of course won't affect LAN clients unless you tell them to use your WAN address as DNS server. Set the destination address to the OpenDNS IP and mark "Invert Match", so that anything not targeted at OpenDNS will be redirected there.



  • Dear Sir
    Thanks for your valiable information.Now I am able to block the free DNS also.I have made an allias and apply in the NAT rule.Contents are filtering as well as free DNS are being blocked.But this is a tidious and lengthy process.There are thousands of free DNS IP are exisitng. pfSense doesn't alowing me at all to put that huge amount of ip's in my allias list. Restriction is there for the number of entries.My question is there that is there any rule will be possible in pfSense that all the request will come to the pfSense and pfSense will reject if the DNS request are not matching which are mentioned in the DNS Server of the pfSense section.
    Thanks in advance.


Log in to reply