Cannot access webGUI when using FQDN

kevindd992002

I'm trying to access my two pfsense 2.2 boxes using their FQDN (hostname.domain.com) but it returns an HTTP 400 Bad Request page. I don't have problems with DNS as it can resolve the FQDN to the correct LAN IP address properly. If I use http://{IP address} then it goes through just fine. This issue is happening on two freshly installed pfsense boxes.

I have another box that was upgraded from a lower version to 2.2 and I can access its webGUI either by FQDN or IP address without any problems.

What gives?

Slasky

Have you tried adding these FQDN in the Alternate Hostnames section under Advanced settings?

The webconfigurator Blocks any attempts of DNS attacks

jahonix

Access from LAN or WAN?
Are you using DNS forwarder or DNS resolver (when from LAN)?
What does NSLOOKUP to your FQDN tell?

kevindd992002

@Slasky:

Have you tried adding these FQDN in the Alternate Hostnames section under Advanced settings?

The webconfigurator Blocks any attempts of DNS attacks

Already did that to no avail. Besides, my working setup doesn't have anything in that field.

@jahonix:

Access from LAN or WAN?
Are you using DNS forwarder or DNS resolver (when from LAN)?
What does NSLOOKUP to your FQDN tell?

I'm accessing all from LAN.
I'm using DNS forwarder (dnsmasq).
nslookup to my FQDN returns the correct IP address meaning that it can query the DNS server with the right information.

The only difference I can see between my working and non-working setup is that the former uses the pfsense box as the DNS server itself (using dnsmasq) while the latter uses a AD DNS server that is forwarding to the pfsense box (also using dnsmasq).

doktornotor

@kevindd992002:

nslookup to my FQDN returns the correct IP address

What's "correct" IP address? Are you getting to RFC1918 one or the public IP?

kevindd992002

@doktornotor:

@kevindd992002:

nslookup to my FQDN returns the correct IP address

What's "correct" IP address? Are you getting to RFC1918 one or the public IP?

I'm definitely getting the RFC1918 one because I manually defined that in my DC DNS server. Let me explain it better:

My DNS server has an A record for backend_fw that resolves to 172.16.1.1.

I can access the webGUI by specifiying 172.16.1.1 but not when I type in the FQDN for backend_fw. nslookup/ping resolves backend_fw properly to 172.16.1.1.

kevindd992002

PROBLEM SOLVED!

I forgot that Windows doesn't want an "_" in a hostname/FQDN. I changed it to a "-" and the problem was solved.