| | 40 | Many network admins block DNS traffic from clients to internet to safeguard the network from attackers. Therefore, you have to configure a local DNS resolver to do the resolving for your clients. In pfSense this can be accomplished by configuring its DNS Resolver. |
| | 41 | |
| | 42 | Go to Services > DNS Resolver |
| | 43 | |
| | 44 | === General Settings === |
| | 45 | |
| | 46 | - Enable |
| | 47 | - Network Interfaces: LAN |
| | 48 | - Outgoing Network Interfaces: WAN |
| | 49 | - DNSSEC: enabled |
| | 50 | |
| | 51 | Also, if you have any local dns resolving, you can define them on Host Override part: |
| | 52 | |
| | 53 | - Host: mywebserver |
| | 54 | - Domain: myinstitute.lanka |
| | 55 | - IP address: 10.XY.1.1 |
| | 56 | - Description: local domain for webserver |
| | 57 | - Save |
| | 58 | |
| | 59 | Option Domain Overrides can be used to block or sink particular domain name |
| | 60 | |
| | 61 | for example, if we use |
| | 62 | |
| | 63 | - Domain: facebook.com |
| | 64 | - IP address 192.168.1.1 (which is a dummy one) |
| | 65 | |
| | 66 | Now you need your clients to use pfSense LAN interface IP's as its DNS server. |
| | 67 | |
| | 68 | From your GUI vm, browse to http://mybrowser.myinstitute.lanka |
