Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS Host Override works on local network but not from public (wan) request

    Scheduled Pinned Locked Moved DHCP and DNS
    1 Posts 1 Posters 134 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hypernova
      last edited by

      Hi,

      I have set some DNS host overrides in pfSense under Services / DNS Resolver / General Settings

      These are working ok for request originating from the local network, but not from requests originating outside my network. (From WAN)

      They also do not work from my local network, if I am connected upstream of the pfSense router.

      To allow the reader to make some sense of this, this is how my network is setup.

      I have a standard ISP router which forwards 80, 443 to the pfSense box.

      As stated, pfSense has several host overrides and is configured with DNS Resolver (not forwarder) enabled.

      I'm my no means an expert in DNS by the way.

      If I connect to something (wireless/ethernet) behind the pfSense router, all host overrides work ok. Entering the host.domain address into a web browser pulls up the expected page.

      If I connect to something upstream, such as the wireless AP on my ISP router, all requests get resolved to the same host behind the pfSense box.

      There are a couple of physical machines behind the pfSense router. Traffic to 80 and 443 should be switched depending on which web address is requested, but this doesn't appear to be working for any WAN traffic, as everything is routed to the same machine, which I assume is the "default" because it is the first entry in the "Host Override" table.

      From an external point of view I am using dynadot as my domain name registrar. The A records set are for "*", "www." and "" (blank). These all point to my domain name with the public IP set.

      I would have assumed, although I am probably not correct, that any request for [anything].mydomain.com would be requested externally to my local network, would be directed to my IP address. If that traffic is for port 80 or 443, those should be forwarded (and they are) to the pfSense box. I would have thought pfSense would then switch the traffic depending on the URL. But I guess I misunderstand how DNS works.

      I'm looking for advice on how to debug this further and then potentially fix the issue. I guess I've not understood quite how to set things up correctly.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.