4. Internal website gets DNS rebind attack

Internal website gets DNS rebind attack

  • N

    So I'm in the process of switching our firewall to pfSense and im getting an error when accessing an internal site. It gives the DNS rebind attack error message, so I go to advanced and disable the option. Now it redirects me to the pfsense login page.

    My Windows DC is doing DHCP and DNS, is there an option that I'm missing or need to add so this internal site resloves properly? Also this internal site is accessible from the outside.

    Any ideas on what will fix this?

    pfSense 2.0 release amd64, dhcp is disabled on pfsense

    Thanks.

    0
  • Netgate Administrator

    You need to turn on NAT reflection to access internal servers using an external URL.
    It's in System: Advanced: Firewall and NAT

    Steve

    0
  • N

    OK, so I've unchecked the Disabled NAT Reflection for 1:1 NAT … but im still getting the pfSense login page.

    Any other ideas?

    Thanks

    0
  • Netgate Administrator

    Hmm, OK.
    Because you are not using pfSense for DNS things get confusing.

    I assume you can access the server from outside your network? And you are using URLs to do so?

    You may have to restart the pfSense box before the NAT reflection starts to operate or reset the state table in Diagnostics: States: Reset States.

    Steve

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy