• Ok, let me try to lay out the scenario.

    Pfsense is configured to allow me to hit a server from my home IP.  No problem there.  Let's call that server:  server.blah.com

    If I am on the road, Pfsense is configured to let me vpn in and hit the same server if I use the IP number for server.blah.com on the LOCAL network.  Let's call it

    All of this works just fine.

    What I want to do is always use "server.blah.com" and not have to use the IP number when I am on the road and using the VPN.

    My understanding is that this is possible with pfsense.  Indeed, I have set the DHCP-Opt.: DNS-Server to the IP of the pfsense box and this IP does show up as the DNS server for the TAP network.

    But, how do I make the pfsense DNS server the "authoritative" server on my computer?  In other words, I need server.blah.com to resolve to when I have the VPN established.  I don't want it to resolve to the public IP for server.blah.com

    I supposed this is a windows configuration (my laptop) issue?

    Can someone lend a hand?


  • Ok, I figured this out.

    I needed to configure the DNS forwarder to be authoritative for the blah.com domain.

    Also, on the same setup screen, I needed to set the local IP for server.blah.com.

    Now, I can use the fqdn if I am at the home office or on the road.

    I LOVE pfsense !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!