i feel stupid i cant get pfblockerng to work with my vpn
-
Running the latest pfsense version on a 2.2 i5 4 gigs of ram.
tried using these steps https://www.linuxincluded.com/block-ads-malvertising-on-pfsense-using-pfblockerng-dnsbl/
I got confused on the wizard on which interfaces to select when using a vpn. Tried inbound wan outbound vpn interface and vice versa. Also tried variations of lan/wan and lan/vpninterface and vpn/vpn just for kicks. also tried ->services ->dns resolver and changing the outgoing interface to lan then re did it in wan incoming /lan outgoing and still no dice.
Every time I try pinging an ad server I get the ip back.
Extra things tried: added route-nopull to my OpenVPN options
and services -> DNS Resolver -> General Settings -> DNS Query Forwarding: Enable forwarding modeI'm not sure what im leaving out from those steps or is there stuff missing from that tutorial I should be doing? I do see some things being blocked at the status window but when I go to say (yahoo.com yes I'm intentionally going there because its filled with ads.) all the ads pop up.
-
and its not working on a fresh install either.
edit and feeling stupid I should. I had VPN DNS addresses on the machines
-
So all good once LAN clients were using Unbound in pfSense for DNS?
-
@stephenw10 yup then I just increased my dhcp lease times to several seconds of holding down the 9 button to give "quasi-static" IPS. But still use dhcp for the DNS.
-
Hmm, not sure why you would have to do that. You could just add them as static leases so they always get the same IP.
Steve
