Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    DNS Resolver

    DHCP and DNS
    5
    6
    402
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dastrix last edited by

      I am running ExpressVPN on my pfsense but still getting my IP leaked and DNS leaks, i have followed lots of other forum posts.

      I have DNS Resolver enabled and DNS Forwarder disabled

      However i am finding my clients cant resolve anything unless i have a dns server set in

      General Setup - DNS Server

      0_1542749381952_resolver.PNG

      Grimson 1 Reply Last reply Reply Quote 0
      • Grimson
        Grimson Banned @dastrix last edited by

        @dastrix said in DNS Resolver:

        However i am finding my clients cant resolve anything unless i have a dns server set in

        General Setup - DNS Server

        Which is expected when you turn on DNS Query Forwarding. Do some RTFM https://www.netgate.com/docs/pfsense/book/services/dns-resolver.html

        1 Reply Last reply Reply Quote 0
        • D
          dastrix last edited by

          I should have said if i turn that off enable forwarding mode and remove DNS server from general page i cant resolve anything

          Gertjan 1 Reply Last reply Reply Quote 0
          • Gertjan
            Gertjan @dastrix last edited by

            @dastrix said in DNS Resolver:

            I should have said if i turn that off enable forwarding mode and remove DNS server from general page i cant resolve anything

            unbound - the Resolver - will contact the 13 main root DNS servers on any (all) interface by default.
            Outgoing Network Interface, by default, is "all".
            This means, when unbound starts, it will try ALL interfaces. Also LAN and other interfaces that won't route to, for example "198.41.0.4" (one of the main root servers).
            IF your EXPRESSVPN wont route to "198.41.0.4" at startup (startup of unbound) this interface will be fagged as "probably not" (don't use). Maybe it wasn't UP yet at that time ?
            The question is : is your EXPRESSVPN interface UP before unbound gets launched ?
            Test : when the EXPRESSVPN interface is up, restart unbound. Then it should resolve. because the connection EXPESSVPN is up. If not, the VPN is the problem.

            No "help me" PM's please. Use the forum.

            1 Reply Last reply Reply Quote 0
            • L
              lovan6 last edited by lovan6

              Getting ExpressVPN to work properly on Pfsense is difficult. You have to start from scratch by doing a factory reset to begin with.

              Messing with Pfsense DNS resolver is not gonna fix your problem. There are ways to do it right.

              The provided ExpressVPN tutorial on Pfsense is half baked.

              Send me a pm and I can provide you with a link.

              1 Reply Last reply Reply Quote 0
              • B
                bcruze last edited by bcruze

                this is a guaranteed fix for me. with 3 different providers. since can't get the resolver to do what i want it to either.

                services > dhcp server = assign static addresses to the devices you want to resolve through the personal VPN. once static is set edit the mapping and under DNS servers. plugin the vpn providers static DNS servers.

                reboot the computer and it will pass your leak test.

                i don't use express. but i am interested in any reading as well. i may be able to test/ apply it to my service? thank you

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post