Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS Resolves in WAN but not LAN

    Scheduled Pinned Locked Moved Firewalling
    7 Posts 3 Posters 773 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      infovijay
      last edited by

      Hello All,

      I'm new to pfsense. I have installed pfsense in Workstation with 3 nics. Primary nic from local LAN connected to bridge network (10.109.246.220). 2nd NIC for internal LAN (192.168.100.1). 3rd nics for DMZ but I have not assigned yet. Out of the box set up with default firewall settings. The Windows VM in internal LAN receive the IP from pfsense. Able to ping pfsense and 8.8.8.8 but internet is not working. From pfsense shell able to resolve the public dns. But not from the internal LAN.

      I googled and tried many things as suggested by others, but nothing helps. Several times reset to factory settings and started from scratch, no clue yet.

      Please advise how to proceed further.

      Thanks in advance
      Vijay

      1 Reply Last reply Reply Quote 0
      • W
        wussupi83
        last edited by

        1.) Have you created pass rules (Firewall->Rules) for port 53 destination traffic in your rules tabs for each interface (excluding WAN)?
        2.) Have you configured your DNS Resolver to respond to DNS queries for each interface (excluding WAN)?
        3.) Did you configure your DNS Resolver to select WAN as your Outgoing Network Interface?
        4.) Did you assign your DNS servers in System->General Setup?

        1 Reply Last reply Reply Quote 0
        • I
          infovijay
          last edited by

          Hi

          Thank you for your response. For all your questions, yes I did. Please refer the attached screenshots and point me the missing rule.

          ![Screen Shot 2017-12-15 at 12.07.45 PM.png](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.07.45 PM.png)
          ![Screen Shot 2017-12-15 at 12.07.45 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.07.45 PM.png_thumb)
          ![Screen Shot 2017-12-15 at 12.07.52 PM.png](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.07.52 PM.png)
          ![Screen Shot 2017-12-15 at 12.07.52 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.07.52 PM.png_thumb)
          ![Screen Shot 2017-12-15 at 12.08.16 PM.png](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.08.16 PM.png)
          ![Screen Shot 2017-12-15 at 12.08.16 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.08.16 PM.png_thumb)
          ![Screen Shot 2017-12-15 at 12.08.42 PM.png](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.08.42 PM.png)
          ![Screen Shot 2017-12-15 at 12.08.42 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-12-15 at 12.08.42 PM.png_thumb)

          1 Reply Last reply Reply Quote 0
          • W
            wussupi83
            last edited by

            What are 10.107.1.110 and 10.112.166.138 and where are they located on your network relative to PFSense?

            1 Reply Last reply Reply Quote 0
            • I
              infovijay
              last edited by

              Those are the DNS server from local LAN.

              1 Reply Last reply Reply Quote 0
              • W
                wussupi83
                last edited by

                When you say "local LAN" are you referring to the local LAN connected to your LAN interface of PFSsense? Or are these going to be on the other side of your PFsense box? (i.e accessible via the WAN interface)

                1 Reply Last reply Reply Quote 0
                • T
                  tjsummers51l
                  last edited by

                  You mentioned VM Windows machine. Have you tried disabling the host firewall?

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.