Firewall Alias FQDN not working in rule
-
I have an OpenVPN rule set up on my WAN int with the source address configured as an FQDN alias. The VPN will connect, but after a long period of uptime, if the remote side goes down and reconnects, the FQDN-based rule is no longer working. I can see that the IP of the host is still the same, but the connection is being blocked by a lower rule I have set up for logging. I need this to work as the remote side is using DynDNS and I can't rely on the IP staying the same.
Anyone know why pfSense is failing to resolve the FQDN for this rule? If I reboot the box, everything is happy again, but just rebooting the resolver isn't effective.
-
You understand the aliases are only resolved every so often. So if the client goes down and back up and gets a different IP, then you could have a problem.
-
Yes, I understand that. I can deal with a short delay. It appears that these entries are supposed to be refreshed every 300 secs, but in this case, the entries no longer continue to be refreshed at all.
-
https://redmine.pfsense.org/issues/8758
-
@grimson Thanks. That appears to be just what the problem is. Hopefully it's patched soon.
-
This appears to be the same issue. https://forum.netgate.com/topic/124467/filterdns-stops-working/36 Too bad no progress is being made on a fix.