DNS Problem With Resolution



  • Hello and thank you for taking the time to read my post.  My problem is that I believe DNS is not resolving.  Internally it works fine, but getting out to the internet is not working.

    Here is my setup:

    Cable Modem plugged into WAN port.  IP address from ISP via DHCP.

    Lan assigned IP address of 192.168.1.2

    My endpoint is plugged into the Lan port.  DHCP is enabled on LAN.  Endpoint has received IP address of 192.168.1.100, 255.255.255.0, 192.168.1.2 Gateway

    Windows 8.1 64-bit endpoint shows, or rather thinks, the internet connection is present.

    When I try to navigate to a web page, it's not reachable.

    From the endpoint I try pinging yahoo.com and get a request timed out.  It does show an IP of 206.190.36.45.  I assume DNS is returning this IP.

    From the endpoint I am able to ping the gateway (pfsense box).  I connect to it and login.

    DNS Forwarder service is running.

    Under System > General Setup, DNS servers are entered.  The first entry is received from the WAN and is valid from my ISP.  75.75.75.75 (Comcast's DNS).  I also manually entered 8.8.8.8 for testing purposes.

    Under System > Advanced I have selected the Disable all packet filtering option.  For testing purposes only to make sure no Firewall rule was causing a problem.

    What else am I missing?  Is there any log file I could attach that would help further understand why this is happening?


  • LAYER 8 Global Moderator

    so what are your lan rules set too? while you list pfsense as your gateway - what is the dns server hand out to the clients.  If you say it resolves yahoo to its public IP.  You still have to allow it out.  Now the default lan rules should be any any and let your end 8.1 box to talk to the internet.

    But if you have edited these rules, or have setup a different interface its rules would be blank and you would have to create rules to allow the client out.

    Other possible issue is devices your trying to ping just do not answer ping and would explain timeout - if browsing is not working, this could be a proxy setup on your client that you can not get too, etc.

    Are you using squid on pfsense (proxy) this is another thing that is setup that could cause you problems if not correct.


Log in to reply