Netgate Store

Author Topic: Cant get WAn side of pfSense to resolve DNS via LAN side. VirtualBox Lab Setup  (Read 125 times)

0 Members and 1 Guest are viewing this topic.

Offline twelsh37

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Hi All,

First post so please be gentle.

I'm trying to setup a VirtualBox Lab on one of my Ubuntu Servers to do some malware research.

What I have configured is as follows.

My Home network is 192.168.0.0/24  and the route to the internet is via cable modem on 192.168.0.1
The Ubuntu Server is ip'ed as 192.168.0.13 and this has VIrtualBox running on this Server and I have created an internal network on the range 10.0.0.0/24

I have the following Virtual Machines running on that network
Quote
AD Server (Windows Server 2012r2)  - 10.0.0.10
Guest1 (Windows 7 ) - 10.0.0.71
Guest2 (Windows 8 ) - 10.0.0.72
Guest3 (Windows 10 ) - 10.0.0.73
Guest4 (Windows XP ) - 10.0.0.74

I have pfSense 2.4.2-RELEASE-p1 (amd64) running with the following two interfaces
Quote
WAN (wan)      -> em0        -> v4: 10.0.0.254/24
LAN   (lan)       -> em1        -> v4: 192.168.0.254/24


From the firewall I can ping all IP addresses on both the LAN and the WAN side.
On The WAN side I can ping all the hosts and the EM0
On the LAN side I can ping the internet gateway  and the EM1 interface so I know all connectivity is there.

What I want to do, and I cant figure out how to do it as I'm too stupid, is to have the WAN interface resolve DNS lookups for me and forward them on to the internet gateway via em1.

I realise this is WAN doing lookups on the LAN and this is a bit backwards but as this is my lab i cant see how to set it up any other way.

I have spent most of the day reading docs from google and watching videos on Youtube regarding setting up DNS resolvers but all to no avail. I still cant get any resolution done

Here is what i see in the filterlogs on the firewall
Quote
Jan 11 23:26:45 firewall filterlog: 9,,,1000000103,em0,match,block,in,4,0x0,,64,44004,0,DF,17,udp,82,10.0.0.30,8.8.8.8,36710,53,62
Jan 11 23:26:45 firewall filterlog: 9,,,1000000103,em0,match,block,in,4,0x0,,64,44005,0,DF,17,udp,82,10.0.0.30,8.8.8.8,36710,53,62
Jan 11 23:26:51 firewall filterlog: 9,,,1000000103,em0,match,block,in,4,0x0,,64,17143,0,DF,17,udp,67,10.0.0.30,10.0.0.254,37360,53,47
Jan 11 23:26:51 firewall filterlog: 9,,,1000000103,em0,match,block,in,4,0x0,,64,17144,0,DF,17,udp,67,10.0.0.30,10.0.0.254,37360,53,47
Jan 11 23:26:56 firewall filterlog: 9,,,1000000103,em0,match,block,in,4,0x0,,64,25589,0,DF,17,udp,67,10.0.0.30,192.168.0.1,42088,53,47
Jan 11 23:26:56 firewall filterlog: 9,,,1000000103,em0,match,block,in,4,0x0,,64,25590,0,DF,17,udp,67,10.0.0.30,192.168.0.1,42088,53,47

On the firewall in the System -> General section i have the following set
Quote
DNS Serves - 8.8.8.8  NONE
DNS Server Override is checked

Under Services -> DNS Resolver -> General setting i have the following configured
Quote
Enabled  -> Checked
Listen port -> 53
Network Interfaces -> All
Outgoing Network Interfaces ->All
DNSSec -> Checked

I have attached a lab diagram and my exported xml config and attached them to the post. Ive dicked around with domain names in teh config and a few keys but only for obfuscation of bits. Apart from that its as it sits on the box. Anty help would be greatly appreciated. i cant believe this has me flummoxed.