Configure pfSense as Local / over VPN DNS / Forwarder
-
Hello everyone,
I have a new use case I would like some comments on. Never done that before, but it seems doable with pfSense. Actually, it is a combined DNS functionality, like below:
1. Local DNS functionality. Just hostname.domain.local -> resolve the local IP.
   Is there a place where we can set the device names with domain and hostname? For example:
   device1.domain1.local -> 192.168.3.15
   device2.domain3.local -> 192.168.5.14
   while those LANs are pfSense LAN ports.
2. Local DNS functionality (internally on LAN), but the devices are over a VPN site-to-site tunnel to another pfSense firewall (which has functionality 1 already in place).
   In other words, 2 separate LANs, connected with an OpenVPN tunnel, while all the users are sharing all the resources between the 2 LANs.
3. Combine the above functionality of 1 and 2, while clients are connecting with OpenVPN remote access to both firewalls (push all routes over VPN). Some users are connecting to site1, some are connecting to site2.
4. There is a dedicated router for connecting to governmental services. This network is connected to a LAN port of pfSense. This router provides a gateway; they suggest having static routing to 4 private networks they have, and also a DNS forwarder with domain override to specific DNS servers of theirs (so this eventually accesses their portal securely).
Question:
By default pfSense runs the DNS Resolver on port 53, while the DNS Forwarder is disabled.
In case the above requirements need both services to run (DNS Resolver and Forwarder), which ports are suggested for both services?
So what would be a setup recipe for the above requirements to be achieved?
I'm not asking for detailed configuration steps, I'm just asking about the general idea of the setup (general guide) from anyone who thinks that this could work on pfSense, or has a feeling that it is doable.
Thanks for any comments.
-
-
This is what my setup is. Both pfSense firewalls are able to locally resolve DNS using the host override settings.
My goal is to have clients to LAN3 resolve DNS from LAN0.
The 2 pfSense firewalls are connected over VPN.
The setting I used is a domain override on the DNS Resolver service.
Since LAN3 has routing to network 0, I used the remote pfSense address.
Is this going to work? Is that a sufficient setup?