Problem connecting to a local server when using a dynamic adress given by dhcp

Abarai · Jun 25, 2009, 10:41 AM

Hello, I'm currently running pfSense 1.2.2 on my Network configured as followed:

WAN1 LAN1
\ /
pfSense
/
WAN2 LAN2

my problem concerns a web server on LAN2 (I don't need a dmz). This server is accessible through a static IP 192.168.3.4, and should be accessible only on LAN2.

In the general Setup, i configured the DNS of OpenDNS (208.67.222.222 and 208.67.220.220). This works well on LAN1. I activated a DHCP server on LAN2 with the following range: 192.168.3.10 to 192.168.3.50. As for the DNS Servers, since I enabled DNS forwarder, I use the interface's IP.
With this kind of configuration, i'm able to reach the server when i ping using the hostname, however, i can't reach the Internet.
If I use other DNS for the configuration of my DHCP server, i can reach the Internet but can't reach the server using the hostname anymore. For some reason, i'm redirected on an opendns server.
If I configure a static IP on a local machine using the following:
IP: 192.168.3.46
Mask: 255.255.255.0
Gateway: 192.168.3.254
DNS: 208.67.222.222
DNS2: 208.67.220.220
or DNS: 192.168.3.254 and DNS2: 208.67.222.222
everything work normally.

It looks like the configuration sent by the dhcp has a loophole somewhere, but i can't find it.
Anyone has an idea?

I noticed I can't ping the interface of LAN2, i'm not sure if this is linked to my problem or not.

goulou · Jun 27, 2009, 5:07 AM

I'm not sure whether I fully understand your configuration as described but since you're looking for ideas…

You are using static IP's on LAN2 but can't reach the internet with DNS Forwarder configured... I would suggest you first confirm your DHCP server configuration. Do you have "Enable Static ARP Entries" checked? If so, the likely reason your LAN2 server cannot get out to the Internet with DNS Forwarder enabled is you also need to add an entry for the LAN2 server itself since LAN2 is using a non-DHCP assigned address.

Assuming DNS on your LAN2 server points to PFSense LAN2 interface address, then simply add an entry on the DHCP Server page: {MAC address IP address Hostname Description} and save + apply your new settings.

You should be in business with that.

Abarai · Jun 30, 2009, 8:02 AM

Hello, sorry for the delay.
I'm using static Ip's only because i have to. I'm trying to have a normal Lan, on which the servers are defined with a static IP (the IP is given by pfsense) and every other computers receive and address from the DHCP. The server is configured correctly. The problem is when a user with a dynamic address try to ping, or try to connect to a SQL database using the hostname of the server, he is redirected on an opendns server, whereas a user configured with a static IP (with the exact same configuration than the one forwarded by the dhcp server) can reach the server.

I don't understand this process.

My not having Internet depends on the DNS configured in the dhcp server. It is said that if dns forwarder is enabled one must use the interface's Ip. However if i do this i can not reach the internet, whereas if i configure a real DNS, i access the internet.