Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Internal website gets DNS rebind attack

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nutt318
      last edited by

      So I'm in the process of switching our firewall to pfSense and im getting an error when accessing an internal site. It gives the DNS rebind attack error message, so I go to advanced and disable the option. Now it redirects me to the pfsense login page.

      My Windows DC is doing DHCP and DNS, is there an option that I'm missing or need to add so this internal site resloves properly? Also this internal site is accessible from the outside.

      Any ideas on what will fix this?

      pfSense 2.0 release amd64, dhcp is disabled on pfsense

      Thanks.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You need to turn on NAT reflection to access internal servers using an external URL.
        It's in System: Advanced: Firewall and NAT

        Steve

        1 Reply Last reply Reply Quote 0
        • N
          nutt318
          last edited by

          OK, so I've unchecked the Disabled NAT Reflection for 1:1 NAT … but im still getting the pfSense login page.

          Any other ideas?

          Thanks

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Hmm, OK.
            Because you are not using pfSense for DNS things get confusing.

            I assume you can access the server from outside your network? And you are using URLs to do so?

            You may have to restart the pfSense box before the NAT reflection starts to operate or reset the state table in Diagnostics: States: Reset States.

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.