Can't access pfsense.org
-
I installed PFSense and got it working just fine. I then installed Squid and had the message error about not having permissions on the cache directory. I then tried to reinstall the package and immediately got a message 'unable to retrieve package info from www.pfsense.org …". I then used my web browser to go to pfsense.org and I get a time out, and I cannot access www.pfsense.org from any other computer that would DNAT through my external IP. However I can access pfsense.org from other locations (ie. not from behind my pfsense firewall). I can access any other website just fine and there are no messages in the firewall log. And I can access the forum subdomain, not the primary domain. I do not have a firewall on the computer that I am accessing from. Has pfsense.org somehow blocked my IP?
-
Hmm, seems odd. Some sort of DNS cache problem.
Which version of pfSense are you running (nano, full, 64bit etc)?
What hardware are you using? What is your WAN connection? Anything else you think might be relevant!Steve
-
Aha, you hit the nail with your head ;-) I had the DNS forwarder turned on, and turned it off and the problem went away. Now what is strange is 'why'?
-
Hmm, well the DNS forwarder is enabled by default so it shouldn't be causing a problem.
If you disable the forwarder then all DNS requests have to go to your external DNS servers which can introduce a delay. More importantly you won't be able resolve any internal names.
The only reason this could happen is if the forwarder ends up with a local DNS entry that overides the external entry for pfsense.org.
In services:DNS forwarder (where you disabled the service) what settings or entries do you have?Steve
-
Yep, I agree. I don't think it was necessarily the DNS forwarder. Upon further investigation I 'think' that I needed to check the 'Do not use the DNS Forwarder as a DNS server for the firewall' in the General Setup. At least that is what I did and it seems to be working now. I didn't have any other items checked in the 'DNS Forwarder' other than the 'Enable DNS Forwarder'. So I don't know what is going on, but it certainly is/was a DNS cache issue