NETGATE 2100 OPENVPN DNS QUESTION
-
@Gertjan sorry about that, not sure why they are so freaking big lol. Yes, you are correct, on my GUI both are highlighted, it just didn't show up in my screenshot for whatever reason.
-
Did you try the packet capture ?
- Select the VPN interface.
- Select View : Full details
- Protocol UDP (we're after DNS after all)
- and port 53, as DNS uses port 53.
Then, hit the Green start button.
Connect your client VPN device.
Check that you are connected :
Now, if you have the tools (apps) : do some DNS requests.
If you use a Windows OS : nslookup can help you ...
Android device ? Never saw them, but apps must exist.
iPhones : get the he.net app, for example.
The packet tracer should show results now = DNS packets with the host names your device was looking for.
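To read such a capture, it helps to pair each DNS query with its reply. The following is an added example, not part of the original post: it decodes UDP port 53 payloads and reports, per queried name, the resolver's response code or that no reply was seen. The function names, the sample payloads and the host name `office-pc` are constructed for illustration.

```python
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_message(txid, name, response=False, rcode=0):
    """Constructed sample data: a DNS message with one A/IN question, no answers."""
    flags = 0x0100                      # RD (recursion desired)
    if response:
        flags |= 0x8000 | rcode         # QR bit plus the 4-bit response code
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.split(".")) + b"\x00"
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_message(payload):
    """Decode the header and first question of a UDP/53 payload."""
    if len(payload) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if qdcount < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while pos < len(payload) and payload[pos] != 0:
        length = payload[pos]
        if length > 63 or pos + 1 + length > len(payload):
            raise ValueError("compressed or truncated label")
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if pos >= len(payload):
        raise ValueError("question name not terminated")
    return {"id": txid, "response": bool(flags & 0x8000),
            "name": ".".join(labels), "rcode": flags & 0x000F}

def summarize(payloads):
    """Map each queried name to the resolver's verdict, or 'no reply'."""
    asked, verdict = {}, {}
    for p in payloads:
        m = parse_message(p)
        if not m["response"]:
            asked[m["id"]] = m["name"]
            verdict.setdefault(m["name"], "no reply")
        elif m["id"] in asked:
            verdict[asked[m["id"]]] = RCODES.get(m["rcode"], "rcode %d" % m["rcode"])
    return verdict

# Constructed capture: short name refused, FQDN answered, one query never answered.
SAMPLE = [build_message(1, "server1"), build_message(1, "server1", True, 3),
          build_message(2, "server1.domain.local"),
          build_message(2, "server1.domain.local", True, 0),
          build_message(3, "office-pc.domain.local")]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A name that shows `no reply` means the query left the client but nothing came back over the tunnel, while `NXDOMAIN` means the resolver was reached and does not know the name.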
-
@turbogn87 Is it Mac OS, fonts are awesome?
-
@turbogn87 I mean font rendering
-
@Gertjan give me over the weekend to check on things, I've been buried on other projects, I will report back. Thank you again for all your help!!!!
-
@turbogn87 Well I tried all your suggestions, I'm honestly stumped lol, I do not see why I can ping my host name but IP is fine. I'm sure it's something silly I'm missing. If you are out of answers I do understand and I appreciate your time. If you know anything else to look for let me know. The only other thing I did notice, and it doesn't make any sense: if I'm connected and I run a program like Angry IP Scanner, it will see the IP and the machine name, and I can ping my host name after I scan until I disconnect and reconnect.
-
What are you actually trying to resolve? Hostnames in the local network? And I assume that works if you are on the local network directly?
Are they actually failing to resolve? What error is shown on the remote client?
Are you trying to use just the hostname? What if you try the full FQDN?
-
@stephenw10
What I'm trying to resolve is when I connect through my VPN I would like to either RDP to my office PC or my file server, which I can as long as I know the IP address. If I put in just the computer name it doesn't work. I'm not getting any kind of error. If I try to ping by name, or I did try the FQDN, it just comes back and tells me it can't find the name lol. Like I said, I'm self taught here, I was in IT like 20 years ago. I usually can figure out most issues, but pfSense and OpenVPN are somewhat new to me. To be clear, my so-called server is just a file server, as in a Win11 PC with some shares that I have about 3 other PCs in the office accessing. No true Windows server doing DHCP or DNS, I'm letting my Netgate device handle all that. Not sure if that has something to do with it. And yes, I can ping just fine by name across the network, just not when I'm offsite connected through VPN, but I can ping the Netgate device name. So that kinda tells me DNS is somewhat working. I hope all that makes sense.
-
OK so what error do you see if you try to just: ping server1
And what if you try the full fqdn like: ping server1.domain.local
Obviously use the real domain you have configured.
The other thing is that hostnames are not registered in the resolver by default. The fact you are able to resolve them when local makes me assume you have enabled that, but make sure it is in the DHCP server settings. That also assumes that the hosts you are trying to ping are using DHCP...
-
@stephenw10 HA!!!!! You, my friend, just turned on the light switch. It was staring me in the face all this time. When you mentioned DHCP I remembered I set my server to static a few weeks back just to keep up with the IP till I figured out why DNS wasn't working. Welllllll I set it back to automatic and let it get a proper IP from the Netgate device. To be certain I rebooted the box and boom, I can ping both by name and IP now. Thank you for making me actually think lol. I think I'm good now. Thank you, and to everyone who replied with suggestions. I appreciate all of you!! Merry Christmas.
-
Ah, nice!
Yup, I've been there. I usually enter devices as a static mapping even if they are using statically configured IPs. That way they still resolve and you can't accidentally reuse the IP.