4. DNS Server Return/Lookup when trapped

DNS Server Return/Lookup when trapped

  • G

    i am using DHCP which sets the DNS server as pfsense, for some clients like andoid and windows (particularly with antivirus/firewalls) they set their own DNS overrides. e.g. comodo and avast

    I created a NAT Rule;

    Interface: LAN
    Protocol: TCP/UDP
    Source: LAN Net
    Src Port: *
    Dest: !pfsense
    Dest Port: 53
    NAT IP: LAN Net
    NAT Port: 53

    I block 53 from the WAN/VPNs and the rule works i.e. all PCs can resolve even with DNS overrides.

    Only one small thing i notice.
    When using nslookup to either resolve the host or the IP, the server is returned as unknown
    e.g.
    nslookup google.com
    Server: Unknown
    Address: 156.154.70.22
    Non-authoritative Answer
    Name: google.com
    Address: 172.217.19.206

    If the DNS is set to pfsense, the server name and address will be pfsense and the address of pfsense

    Am i able to return the DNS server name via a rule (even if trapped) or should i just ignore?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy