Netgate Discussion Forum

    DNS General Question - Captive Portal

    General pfSense Questions
    6 Posts 3 Posters 1.1k Views
      fmroeira86

      Hi,

      Simple question: does pfsense intercept dns traffic if clients set their own DNS servers?

      Thank you!

        cmb

        Not by default, it'd just get blocked in that circumstance. Port forwards can be used to intercept and redirect.

          fmroeira86

          Hi! It did not work.

          I couldn't get any names to be resolved.

          I tried a port forward rule with:

          Interface: LAN
          Protocol: TCP/UDP
          Source: Any
          Destination: Any
          Source port Range: any

          Destination: any
          Destination port range: DNS
          Redirect Target IP: MY_DNS_Server
          Redirect target port: DNS

          NAT Reflection: Use System Default
          Filter Rule Association: Add associated filter rule.

          NOTE: This happens when I redirect to my Microsoft DNS Server.

          If I redirect to pfsense itself my machine can resolve names.

            cmb

            The target has to be allowed through the portal via allowed MAC or IP.

              fmroeira86

              The problem was the destination DNS server.

              Everything's working as expected with port forwarding…

                JustAsking

                "does pfsense intercept dns traffic if clients set their own DNS servers?"

                No, but my ISP does this all the time and forces me to use pages that they have cached even when I use OpenDNS for the upstream server.

                Bit rude of them when I have elected not to use their DNS server, but this means that they are also having to issue fake SSL certificates too and are doing a Man-in-Middle to speed up pages and to save themselves money on the upstream bandwidth.

                Does not seem legal to me.
