Saturday, December 05, 2015

How to resolve external hosts when using pfSense as firewall/router

pfSense 2.2.5 does not automatically resolve external hosts (but not hosts from the internet) using DNS servers provided by DHCP from the WAN interface. To force it resolve, do:

Navigate via Web UI:

  • Services | DNS Resolver
  • Scroll down to Domain Overrides
  • Add entry
    • Domain: [a domain suffix, e.g.,]
    • IP address: [DNS server IP]

What are the side effects without the above changes?

  • pfSense clients not able to access internet, especially when internet is controlled via a proxy.
  • Windows clients unable to access Windows share even using FQDN

No comments: