Total Noob Question

  • Hi Guys,

    I'm an infrastructure engineer from NZ. I'm a Microsoft Windows Guy and have otherwise only used firewalls from Cisco, SonicWall and some Juniper of late, but until this week, I had never heard of pfSense and even then found it only by accident when looking into some small Micro PC's for a home project which got me into reading about it. This thing looks pretty damn cool!

    Anyways, where my previous intuition fails me is anything to do with Linux really. I've setup pfSense three times now in a Hyper-V virtual machine with two NICs. I have hn1 as my WAN on Static of which is routing to my actual Fibre router at (Given this is in testing it's upstream, however assuming it works out and if I can PPPoE to my Fibre carrier over VLAN 10 it will likely become the router for the house if this looks half as good as everyone says!).

    The hn0 interface LAN side is currently just a test network again of without DHCP. I've a few clients which are using this subnet with static IP's. They are obviously also using as both the Default Gateway and DNS Server which I've forced.

    Where I seem to have issues is my DNS resolution doesn't work. I can do a ping or nslookup for example from the Web Interface of the pfSense box without issue, even using the LAN interface, however nothing on the actual LAN side of the box with a client PC/Tablet can. I've also tried statically assigning to a client, and that fails too, so it's possible there is no traffic passing over the box, not just DNS.

    I've tried a few different setups, but before writing this post, I've factory reset the box and are using the DNS Resolver with default settings and have configured the Global DNS server as which is my Fibre Router (Yes, it's a DNS Server). I have also tried using and I've tried forcing it to use the Gateway of the WAN to all without any luck.

    Given I can't even do the most simple of things - Route packets from network A to B, I'm worried about doing anything else, but hey, one step at a time right?

    Can anyone give me a few tips to get me looking in the right direction? - Thanks in advance!

    • Jay

  • LAYER 8 Global Moderator

    Can your clients on lan ping your router at

    Current pfsense using resolver as default.. So does not matter what you assign to pfsense to use for dns, clients that ask pfsense for dns would be using the resolver.  That has to have udp/tcp 53 outbound to the internet.  Does your nat router in front of pfsense block that?  Does your isp block that?  Is it just slow?

    Did you modify the lan rules?  By default all traffic is allowed, if your saying a client can not query direct then you got something really basic wrong in your vm environment most likely.  I would do a simple ping to your from client on 192.168.10 – if that does not work going to be real hard to use the internet in any fashion.

Log in to reply