Potential DNS Rebind attack



  • I use a duckdns.org address setup with dyndns in pfsense to access my network. When inside my network I'd like to be able to use that same address and have it just resolved to my local network.

    I've found that when I try to use the foo.duckdns.org name I get a message:
    Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding
    Try accessing the router by IP address instead of by hostname.

    How can I set this up so that it works the same inside my network as outside?

    I use this for my cell phones and it is a pain to have to disconnect wifi to get them to connect to services.

    This used to work, then I setup PiHole and setup the DHCP server to give out the PiHole IP instead of using the routers IP. I don't want to get rid of PiHole.

    thanks
    david



  • I just disable that annoying alarm via Advanced Setup - Admin Access - webConfigurator - DNS Rebind Check.


  • Rebel Alliance Developer Netgate

    DNS rebinding isn't the issue. You are hitting the firewall web interface when you expect to be hitting something else. You can solve that in one of two ways:

    1. NAT Reflection (ew)
    2. DNS host override pointing that hostname at the local system you expect to hit for clients on your local network.

Log in to reply