After using pfSense for a few days, DNS refuse to work
-
Hi All,
Currently I have pfsense CE v2.5.1 + pfBlockerNG-devel v3.0.0_16 running.
But just recently I have trouble access the internet- cannot browse the website.
Pfsense is connected to my ISP @ 24/7, but it just cannot do DNS request.
I need to reload DNSBL then only the whole network can surf the the internet.
I have attached a text file of DNS log entries:DNS Resolver log.txt. Would appreciate if someone can tell what is device:192.168.1.210 is trying to do.
On separate note,I check my system log entries, just wondering if my nginx server is having problem. I got a lot message showing in the System log. See the picture below:
Thank you in advance.
-
@wepee said in After using pfSense for a few days, DNS refuse to work:
I have attached a text file of DNS log entries:DNS Resolver log.txt.
As the log already told you, I'll say it again, using more common english words.
Locate the device 192.168.1.210.
Power it down and remove it from your network, like throwing it out of the windows, or clean it up like re install from scratch, and keep nothing except the photos on it, if there are any.
Half, probably more, of the issue is now solved.Btw : nice, your log, in the same 'minute 14' unbound stopped and restarted several times.
Mine start and stops, a couple of time a week .... something like that.To make unbound even more happier :
Make sure that this :is UNCHECKed.
@wepee said in After using pfSense for a few days, DNS refuse to work:
On separate note,I check my system log entries, just wondering if my nginx server is having problem.
Noop, nginx is fine.
it looks like its the admin that has a problem.
How is it possible that this IP :hit's the nginx web server of pfSense ?
-
@gertjan my device at IP: 192.168.1.210 is my IP camera, I think it is trying to connect my DNS server.
-
@gertjan Client: 108.162.219.222 is actually Cloudflare web proxy server.
-
@wepee said in After using pfSense for a few days, DNS refuse to work:
Client: 108.162.219.222 is actually Cloudflare web proxy server.
Who ever "108.162.219.222" is, why should or would it connect to your WAN IP, and have the pfSEnse webgui answering it ?
Are you hosting a web site on your pfSense ?@wepee said in After using pfSense for a few days, DNS refuse to work:
my device at IP: 192.168.1.210 is my IP camera, I think it is trying to connect my DNS server.
It's not trying. It break all the rules, doesn't back of, and it is chain gunning your pfSense with requests.
If you have 5 minutes left :
Backup your config.
Reset pfSense to default. Assign your WAN interface, if needed and change the LAN IP/network - if needed.
Do not make any other changes.
Problems are gone now, right ? -
@gertjan said in After using pfSense for a few days, DNS refuse to work:
Who ever "108.162.219.222" is, why should or would it connect to your WAN IP, and have the pfSEnse webgui answering it ?
Are you hosting a web site on your pfSense ?Yes, my pfSense web interface is at: camsotech.com
-
Then that traffic should be NATted to device that is a Wordpress web server.
Right now, your pfSense GUI is exposed to the Internet.
That's a major security issue.Edit : The nginx log line tells you that.