    Pfsense with windows AD DNS + squid unable to resolve local hostnames

      raj_amid

      Hi, I am new to pfSense. I have a problem with Squid not being able to resolve local host names.

      Windows AD: 192.168.100.0
      PCs: 192.168.10.0

      pfSense: public IP
      pfSense local IP: 192.168.10.250

      No transparent proxy.

      dns and dhcp from cisco switch. routing. all networks

        johnpoz LAYER 8 Global Moderator

        "dns and dhcp from cisco switch"

        Huh??  If you have AD, all members of domain or anyone actually wanting to resolve AD stuff needs to point to AD dns server, and should prob use that as dhcp as well..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1

          doktornotor Banned

          This whole thread would strongly benefit from a network diagram. Also, completely missing how on earth is Squid relevant here. Fix your DNS on the pfSense box and it will work in Squid as well.  ::)

            raj_amid

            Sorry, only DHCP range is from Cisco switch. DNS from AD, all members pointing to AD DNS.

              doktornotor Banned

              And how exactly is that supposed to work? DHCP is doing the DNS registrations. Would suggest to read some MS docs.

                chris4916

                I suppose this guy is running Squid on pfSense box using explicit proxy configuration.
                When using explicit proxy (which is the right approach BTW), name resolution is done at proxy level.

                From what I understand of this fuzzy description, with such a configuration, accessing an internal web site doesn't work because Squid can't resolve the internal name.

                What you can do is configure "use alternate DNS server" in Squid general settings so that it points to your internal DNS, assuming this internal DNS is also able to resolve external names, relying on DNS resolver or forwarder  ;)
                This also assumes that your internal DNS contains entries for internal web sites you want to access  8)

                EDIT: typo

                Jah Olela Wembo: Words turn into ills when they upset, attack or wound.

                  muswellhillbilly

                  @raj_amid:

                  Sorry, only DHCP range is from Cisco switch. DNS from AD, all members pointing to AD DNS.

                  I'm not sure what you mean exactly, but your DNS setup should probably look something like this:

                  Your Squid (running on PFS?), your PFS and your clients should all have your Windows DNS server (domain controller) set as the main DNS server. Your Windows DNS server should have your external (public) DNS servers set as its forwarders. That way, your Windows clients can resolve all your internal and external hosts as well as function within the AD environment correctly, and your proxy/firewall will also resolve all internal and external hosts.

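Added example, not code from the thread or from the pfSense or Squid projects: a Python check of the point made in the posts by chris4916 and muswellhillbilly, that with an explicit proxy the names are resolved by Squid, so the resolvers Squid actually uses must be the internal (AD) DNS. Assumptions: the alternate DNS setting ends up as the `dns_nameservers` directive in squid.conf, which replaces the servers listed in resolv.conf; 192.168.100.10 is a placeholder for the AD DNS server, and both sample configurations are constructed.

```python
import ipaddress

# Constructed sample inputs (not taken from the thread).
SQUID_CONF_NO_OVERRIDE = """\
http_port 192.168.10.250:3128
# dns_nameservers 192.168.100.10
"""
SQUID_CONF_WITH_OVERRIDE = """\
http_port 192.168.10.250:3128
dns_nameservers 192.168.100.10
"""
RESOLV_CONF = """\
; public resolver (documentation address)
nameserver 203.0.113.53
"""
INTERNAL_DNS = {"192.168.100.10"}  # placeholder for the AD DNS server


def _directive_values(text, keyword):
    """Collect the arguments of every `keyword` line, skipping comments."""
    values = []
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in "#;":
            continue
        fields = stripped.split()
        if fields[0] == keyword:
            values.extend(fields[1:])
    return values


def effective_resolvers(squid_conf, resolv_conf):
    """dns_nameservers, when present, replaces the resolv.conf servers."""
    servers = _directive_values(squid_conf, "dns_nameservers")
    source = "squid.conf"
    if not servers:
        servers = _directive_values(resolv_conf, "nameserver")
        source = "resolv.conf"
    # Normalise each address; ValueError here means a malformed entry.
    return source, [str(ipaddress.ip_address(s)) for s in servers]


def audit(squid_conf, resolv_conf, internal_dns):
    """Report resolvers Squid would query that are not the internal DNS."""
    source, servers = effective_resolvers(squid_conf, resolv_conf)
    stray = [s for s in servers if s not in internal_dns]
    return {"source": source, "servers": servers, "stray": stray,
            "ok": bool(servers) and not stray}
```

A result with `ok` set to False and `source` set to `resolv.conf` matches the symptom in this thread: the proxy asks a resolver that has no records for the internal names.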