Netgate Discussion Forum

    Redirect DNS to 8.8.8.8 for Specific source IPs

    NAT
    • R
      razaqad
      last edited by

      I have followed the following guide but can't seem to make it work.

      https://www.netgate.com/docs/pfsense/dns/redirecting-all-dns-requests-to-pfsense.html

      I've done the following:

      Interface: LAN
      Protocol: TCP/UDP
      Source IP: Alias (bypassDNSBL)
      Source Port: 53 (DNS)
      Destination: 192.168.0.30 // this is my pfSense server address
      Destination Port Range: 53 (DNS)
      Redirect Target IP: 8.8.8.8
      Redirect Target Port: 53 (DNS)
      Description: Bypass for DNSBL
      NAT Reflection: Disable
      Filter rule association: Add associated filter.

      Then, in the firewall LAN rules, I moved this rule above the rule which blocks external DNS.

      I can't figure out what I am doing wrong.

      What I want to do is have the IPs specified in bypassDNSBL redirected to the Google DNS server so they can bypass DNSBL and get unfiltered access.

      Help me please.

      • A
        akuma1x
        last edited by akuma1x

        I don't think this thread belongs in the NAT section, since that really doesn't apply here. Anyway...

        How many machines (computers or phones) are we talking about? You said you made an alias, but didn't give a number count.

        This is what I do - Set static DHCP addresses for these devices, and in the Services -> DHCP Server -> LAN -> Edit Static Mapping section, physically give them the Google DNS server addresses - 8.8.8.8, 8.8.4.4, it's about 8 or 9 lines down the screen, says DNS Servers with a bunch of text boxes.

        If you don't have too many hosts on the LAN, it's really easy. On these hosts, you should refresh their DHCP leases, then they'll pick up the new settings from pfSense.

        Also, delete that firewall rule you created, it's not necessary. That one after this rule, the block external DNS one, might cause trouble, however... Somebody here, better with DNS, should comment on that.

        Jeff

        • R
          razaqad
          last edited by razaqad

          I've already tried the method you mentioned. But I think there is a bug in pfSense.
          What I want to set is
          Primary DNS 192.168.0.1
          Secondary DNS 8.8.8.8

          Note: the pfSense IP address is 192.168.0.30

          When I set
          Primary DNS 8.8.8.8
          Secondary DNS 192.168.0.1

          DHCP settings are right this way, and DHCP clients get the correct order from the DHCP server.

          But when I set what I require
          Primary DNS 192.168.0.1
          Secondary DNS 8.8.8.8

          Clients get
          Primary DNS 192.168.0.1
          Secondary DNS 192.168.0.30

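The port-forward rule from the first post, checked field by field against a typical client DNS query in a simplified matcher. This is an added example, not code from the thread or from pfSense; the client address 192.168.0.50, the ephemeral port 51514 and all class and function names are constructed. It assumes the rule's Source Port field is compared with the packet's source port, which for a DNS client is normally an ephemeral port rather than 53.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # wildcard, equivalent to leaving a field at "any"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class PortForward:
    sources: frozenset      # members of the source alias
    sport: Optional[int]    # source port, ANY = wildcard
    dst: Optional[str]      # destination address, ANY = wildcard
    dport: int              # destination port
    target: tuple           # (redirect target IP, redirect target port)

    def mismatches(self, p: Packet) -> list:
        """Return the rule fields the packet fails to match (empty = match)."""
        failed = []
        if p.src not in self.sources:
            failed.append("source address")
        if self.sport is not ANY and p.sport != self.sport:
            failed.append("source port")
        if self.dst is not ANY and p.dst != self.dst:
            failed.append("destination address")
        if p.dport != self.dport:
            failed.append("destination port")
        return failed

    def translate(self, p: Packet) -> Packet:
        """Rewrite the destination if the rule matches, else pass through."""
        if self.mismatches(p):
            return p
        return Packet(p.src, p.sport, *self.target)

BYPASS = frozenset({"192.168.0.50"})  # constructed stand-in for bypassDNSBL
AS_POSTED = PortForward(BYPASS, 53, "192.168.0.30", 53, ("8.8.8.8", 53))
ANY_SPORT = PortForward(BYPASS, ANY, "192.168.0.30", 53, ("8.8.8.8", 53))

# Constructed queries: client uses an ephemeral source port, destination port 53.
TO_PFSENSE = Packet("192.168.0.50", 51514, "192.168.0.30", 53)
TO_OTHER_DNS = Packet("192.168.0.50", 51514, "192.168.0.1", 53)

if __name__ == "__main__":
    for name, rule in (("as posted", AS_POSTED), ("source port any", ANY_SPORT)):
        for q in (TO_PFSENSE, TO_OTHER_DNS):
            print(name, q.dst, rule.mismatches(q) or "match", rule.translate(q))
```

A query sent to 192.168.0.1, the primary DNS from the last post, fails the destination-address check in both variants, so a rule keyed on 192.168.0.30 only affects clients that actually resolve through the pfSense address.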
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.