Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenDNS not blocking sites

    General pfSense Questions
    4
    8
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrkool
      last edited by

      SO i have the pfsense setup to use opendns servers as DNS resolver and i do have a opendns account setup to block porn etc but it doesn't seem to be working. on the pfsense i get 127.0.0.1 and than the 208.67.222.222.and 208.67.220.220. on the clients all i get for dns is my pfsense ip addresss. everything local and on the internet is resolving just fine just no filtering.

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        So you set unbound to forward to opendns?  If not unbound is a resolver and will resolve not forward.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan
          last edited by

          Read also : https://forum.pfsense.org/index.php?topic=141990.0
          You will fine a test https://welcome.opendns.com/oops/ that wills how you if the setup has been done correctly.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • M
            mrkool
            last edited by

            I read through the posts and the help section but I am not understanding where the resolution is coming from if you use resolver vs forwarder? pfsense only has the opendns servers as the DNS servers so if I choose resolver or forwarder my public IP (WAN) will be used to talk to the openDNS servers and that should send the block message.

            I have disabled resolver and enabled forwarder but still no luck with blocking.

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              Wrong.  Resolver uses the root DNS servers to resolve.  Forwarder just forwards the request to the DNS you specify in setup.  If you're using resolver, you need to check the Enable forwarding mode checkbox.  Only then will it use the DNS you provide.

              1 Reply Last reply Reply Quote 0
              • M
                mrkool
                last edited by

                thanks KOM this makes sense will try it out and report back

                1 Reply Last reply Reply Quote 0
                • M
                  mrkool
                  last edited by

                  did not work. I disabled the DNS Forwarder and enabled DNS Resolver with DNS forwarding option turned on and welcome.opendns.com says I am not using opendns servers. There was a site that would tell me which DNS resolver I am using but I cant seem to find it.

                  On opendns site it mentioned disabling DNSSEC but that is an older post.

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    Dude is your client pointing to pfsense for dns??  if you have forwarder enabled in resolver it will forward to where you tell it to forward.. If your using the forwarder then it will forward to where you set it to forward..

                    If your client is not pointing to pfsense doesn't matter how you set pfsense up..

                    Please post up your setting in pfsense, and your settings in your client showing what dns its using.. simple ipconfig /all in windows machine.

                    Here took all of couple seconds to switch over and test this.. See attached.. Make sure you clear your browser cache and your machines local dns cache.. Reboot the machine if you do not know how to do that..

                    If you do not disable dnssec and you forward to opendns your prob not going to get anything back since they do not support dnssec..  That should be disabled if forwarding to opendns.  See screenshot.

                    forwardusingresolver.png
                    forwardusingresolver.png_thumb

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.7.2, 24.11

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.