Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Opendns+pfsense (web-filtering)

    Scheduled Pinned Locked Moved
    Firewalling
    4
    24
    5.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      doktornotor Banned
      last edited by

      @MarkVLK:

      How is it possible that I'm not using the OpenDNS servers setup in my System > General section?

      Because that's NOT setting for clients, as already noted on your own thread. Posting across another 10 threads won't exactly help.

      Also, DNS resolver will NOT use any of those unless forwarding is actually enabled.

      1 Reply Last reply Reply Quote 0
      • M
        MarkVLK
        last edited by

        @doktornotor:

        @MarkVLK:

        How is it possible that I'm not using the OpenDNS servers setup in my System > General section?

        Because that's NOT setting for clients, as already noted on your own thread. Posting across another 10 threads won't exactly help.

        Also, DNS resolver will NOT use any of those unless forwarding is actually enabled.

        I noted in the other thread that the clients (or at least the PC I'm currently testing on) have the pfSense box's IPv4 & IPv6 LAN addresses listed as their DNS servers. Since the client has the pfSense box listed as its DNS server (and I've confirmed with Wireshark that DNS requests are indeed going from 192.168.1.x -> 192.168.1.1) and the pfSense box is set up to use OpenDNS as its DNS servers, what else is there for me to change?

        As far as forwarding being enabled, the pfSense DNS Resolver docs (https://doc.pfsense.org/index.php/Unbound_DNS_Resolver) say "Unbound (aka DNS Resolver) requires that the DNS Forwarder be disabled or be moved to a different port" so I assumed I was just supposed to keep it disabled as it was by defauled.

        The pfSense DNS Forwarder docs (https://doc.pfsense.org/index.php/DNS_Forwarder) say that "If the DNS forwarder is enabled, the internal interface IP for pfSense will be handed out to DHCP clients as a DNS server. If the DNS forwarder is disabled, the DNS servers configured on pfSense will be handed out instead." My DNS Forwarder is disabled, yet the internal interface IP for pfSense (192.168.1.1 & the IPv6 address for LAN) is being handed out to DHCP clients as the DNS server still.

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          As I already noted above, DNS resolver will not forward anything anywhere by default; it's recursive DNS server. Kindly look at the GUI and tick the proper checkbox if you want unbound to forward your queries.

          1 Reply Last reply Reply Quote 0
          • M
            MarkVLK
            last edited by

            @doktornotor:

            As I already noted above, DNS resolver will not forward anything anywhere by default; it's recursive DNS server. Kindly look at the GUI and tick the proper checkbox if you want unbound to forward your queries.

            Apologies, I was thinking you meant the DNS Forwarder needed to be enabled. You mean to just check off the Enable Forwarding Mode under the DNS Query Forwarding section of the DNS Resolver?

            UPDATE: When I enabled forwarding mode in the DNS Resolver settings, all of my DNS queries started failing and I could no longer browse the internet.

            UPDATE 2: I tried testing the OpenDNS connection on their website from my phone and low and behold, it works. I assume the issue was with the fact that the PC I was testing on has a static IP assignment in the DHCP Server on the pfSense box.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post