- Setup DNS Servers in "SYSTEM- > General Setup"
- Enable DNS Forwarder in "SERVICES -> DNS Forwarder"
- Add a firewall rule on the LAN interface which allows traffic to the internet
Defaulted (see screenshot)
- Uncheck "block private networks" on your WAN interfaces if it is connected to a private network. (Interfaces -> WAN)
WAN is connected to my ISP, with a routable static address.
- assign the pfsense LAN interface as Gateway and DNS for your hosts on the LAN interface
- check from host with traceroute with and public IP address (e.g. 8.8.8.
and with (www.google.com
). This checks gateway and DNS functionality
I used 188.8.131.52 as my DNS. Names resolve fine at the pfsense box.
No need for any inbound rules if you just want to connect from the LAN to internet.
I have a couple of servers I need to forward to, and set those rules up.
Outbound rules on automatic is correct
Thought so. That's where that firewall LAN rule came from, right? (The second one.)
All of those had been done before I tried it...and got nothing through.