DNS_PROBE_STARTED
-
Hello,
I have configured pfblocker-ng as well and I white-listed the domain m*******n.com as well, but when I query from my client on the LAN behind pfSense, I'm getting the following error.
nslookup mgcpakistan.com
Server: pfSense.local.landomain
Address: 172.16.16.1
DNS request timed out.
timeout was 2 seconds.
*** pfSense.local.landomain can't find m*******n.com: Server failed
I did another test: I connected my laptop directly to the ISP and tested, and my domain is opening properly and everything is fine. But I don't get why it does not work behind pfSense. :/
I'm using public Cloudflare DNS and also tested it directly on the ISP router with Cloudflare DNS 1.1.1.1, and the site does respond. Any idea where else to look to resolve this issue?
Regards
-
Several checks :
Does the DNS request actually arrive at pfSense, the resolver ?
Execute this on pfSense : a packet capture on LAN using port 53 :
Execute the "nslookup mgcpakistan.com" again.
Did the packet show up as a DNS request coming into pfSense ? And did it answer ?
Another one :
On the console or SSH access of pfSense, execute the same command.
What did you see ?
Another one :
Before you installed pfBlockerNG, did it work ?
Another one :
Before you removed/changed default settings on pfSense, like
LAN 192.168.1.1/24 for LAN
Resolving instead of DNS forwarding
Etc.
Did it work ? ( I already know the answer : it did ^^)
-
@Gertjan
Thanks for your prompt response. It was working even after setting up pfblocker-ng, and from the pfSense SSH console it does respond and resolve. :/ Looking at the captured packet, it does query the LAN IP to resolve, but ServFail q:A? . I don't get why this issue appeared all of a sudden.
Regards
-
You can see what pfblockerng did with the DNS request.
Ask it.
Do the request again.
Go to Firewall > pfBlockerNG > Alerts and look at the Alerts page.
And the Unified page.
Did you see the request for the domain ?
-
I already added the domain to my pfblocker-ng whitelist. I could not find it in Unified and DNSBL. :/
Where else to look to resolve this issue?
-
I have been troubleshooting since morning, then I finally did two things.
1- Added the domain in pfblocker-ng Host Override with the public IP of the domain.
2- Changed my WAN IP address.
Restarted the resolver service, and now guess what, the website is accessible and resolves :/ Then I changed back to the old WAN to test if it was blocked by the datacenter, but it was not blocked; now the domain is accessible on the old WAN IP too.
Thanks @Gertjan for your tips :).
Regards