IoT devices spamming log with outbound queries...
-
Hi,
I have an IoT net which I'd like to use pfSense for DNS. My current DNS rule does cause devices to spam the log with outbound query attempts. Why does that happen when I have only allowed DNS to a local IoT address? Please help me see what I do wrong. Thanks
IoT rule:
Allow
Prot: IPv4 TCP/UDP
Source: IoT Net
Destination: IoT address
Port: 53 (DNS)
-
@furom
Some IoT devices have hard-coded DNS settings and ignore the DHCP DNS. But you can simply drag them to your DNS by a NAT port forwarding rule.
I did this with DNS and NTP on my pfSense:
"Internal" is an interface group including my internal interface here.
These rules redirect any DNS and NTP traffic to the pfSense LAN IP.
I have set an associated firewall rule in the NAT setting, but you may also simply select "pass". pfSense is responding using the original destination IP the devices sent the requests to. So the devices don't know any of the redirection and are very relaxed.
-
@viragomann Brilliant, I will try this, thanks :)
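To see which devices are behind the blocked queries discussed in this thread, the firewall log can be tallied per source and destination. This is an added example, not code from any poster; the log lines, addresses and function names are constructed, and the field positions assume the comma-separated IPv4 layout of pfSense filterlog entries, so check them against your own log.

```python
import re
from collections import Counter

# Constructed sample log; positions follow the assumed filterlog IPv4 CSV layout:
# 6=action, 8=IP version, 16=protocol, 18=src, 19=dst, 21=destination port.
SAMPLE_LOG = """\
Mar  3 10:15:01 fw filterlog[411]: 7,,,1000000103,igb1.30,match,block,in,4,0x0,,64,4211,0,DF,17,udp,60,192.168.30.21,8.8.8.8,51234,53,40
Mar  3 10:15:02 fw filterlog[411]: 7,,,1000000103,igb1.30,match,block,in,4,0x0,,64,4212,0,DF,17,udp,60,192.168.30.21,8.8.8.8,51235,53,40
Mar  3 10:15:03 fw filterlog[411]: 7,,,1000000103,igb1.30,match,block,in,4,0x0,,64,991,0,DF,6,tcp,60,192.168.30.22,1.1.1.1,40112,53,0,S,123456789,,64240,,mss
Mar  3 10:15:04 fw filterlog[411]: 9,,,1700000001,igb1.30,match,pass,in,4,0x0,,64,4300,0,DF,17,udp,60,192.168.30.23,192.168.30.1,50111,53,40
Mar  3 10:15:05 fw filterlog[411]: 7,,,1000000103,igb1.30,match,block,in,4,0x0,,64,4301,0,DF,17,udp,76,192.168.30.21,162.159.200.1,123,123,56
Mar  3 10:15:06 fw dhcpd[900]: DHCPACK on 192.168.30.21
"""

FILTERLOG = re.compile(r"filterlog\[\d+\]:\s*(.+)$")


def blocked_dns(log_text, local_dns):
    """Count blocked port-53 attempts per (source, destination) pair."""
    hits = Counter()
    for line in log_text.splitlines():
        match = FILTERLOG.search(line)
        if not match:
            continue  # not a firewall log entry
        f = match.group(1).split(",")
        # Only IPv4 TCP/UDP entries carry ports at the positions used here.
        if len(f) < 22 or f[8] != "4" or f[16] not in ("udp", "tcp"):
            continue
        action, src, dst, dport = f[6], f[18], f[19], f[21]
        if action == "block" and dport == "53" and dst != local_dns:
            hits[(src, dst)] += 1
    return hits


def hardcoded_resolvers(hits):
    """Group the counts by device: {source: {resolver it tried: attempts}}."""
    per_device = {}
    for (src, dst), count in hits.items():
        per_device.setdefault(src, {})[dst] = count
    return per_device


if __name__ == "__main__":
    report = hardcoded_resolvers(blocked_dns(SAMPLE_LOG, "192.168.30.1"))
    for device, resolvers in sorted(report.items()):
        print(device, resolvers)
```

Devices that show up in this report are the ones ignoring the DHCP-assigned DNS server, which are the candidates for the redirect described in the answer above.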