Internal website gets DNS rebind attack

  • So I'm in the process of switching our firewall to pfSense and I'm getting an error when accessing an internal site. It gives the DNS rebind attack error message, so I go to advanced and disable the option. Now it redirects me to the pfSense login page.

    My Windows DC is doing DHCP and DNS. Is there an option that I'm missing or need to add so this internal site resolves properly? Also, this internal site is accessible from the outside.

    Any ideas on what will fix this?

    pfSense 2.0 release amd64, DHCP is disabled on pfSense


  • Netgate Administrator

    You need to turn on NAT reflection to access internal servers using an external URL.
    It's in System: Advanced: Firewall and NAT


  • OK, so I've unchecked the Disabled NAT Reflection for 1:1 NAT … but I'm still getting the pfSense login page.

    Any other ideas?


  • Netgate Administrator

    Hmm, OK.
    Because you are not using pfSense for DNS, things get confusing.

    I assume you can access the server from outside your network? And you are using URLs to do so?

    You may have to restart the pfSense box before the NAT reflection starts to operate or reset the state table in Diagnostics: States: Reset States.

