Custom DNS works only in wired lan, not in WIFI
Hi,
I'm using FWG with custom DNS entries for my homelab. The settings are working great in my wired LAN. Unfortunately they don't work in my WIFI (UniFi AP and MikroTik AP). If I open the page the first time after connecting with WIFI it works; if I refresh the page it doesn't work.
The FWG is running in router mode with DHCP for the clients. All clients / servers are in the same network. DNS for the clients is the FWG.
Maybe there is a solution I didn't find yet in the forum.
Thanks in advance
Werner
-
Yes, that's also my opinion. I've double-checked my network (APs). It must work.
One further question. Are the custom DNS rules the same as hairpinning? From external I can reach the server with homeassistant.mydomain.com. The way is: ISP - FWG - Nginx Reverse Proxy - Homeassistant
Now I will use the custom DNS rules for accessing Homeassistant internally. Maybe the custom DNS rules are not the right way?
-
OK, I have deleted the custom DNS rules in the FWG. NAT loopback must work without them and hairpinning is automatically created (like you wrote). But now it works neither with WIFI nor with ethernet. It only works if I'm outside my network. Looks like the NAT loopback is not created automatically. I've already rebooted the FWG and the clients. Nothing happens...
-
What IP addresses are you trying to access? Is it the WAN IP or a LAN IP? If you are not sure, you can open a case with help@firewalla.com and someone can look at your configuration.
-
I open my domain, which is reachable from outside via your DDNS service. On FWG I have set up port forwarding (80 and 443) to my nginx reverse proxy (running on an unRAID server). If I'm inside my LAN I also open my domain. But that's not possible because I'm in the same LAN as the server I want to reach (Homeassistant, Vaultwarden). In my old router I had a NAT loopback rule without problems. I made custom DNS rules on FWG to route the domain from the inside in. That is working well, but only with the ethernet wired clients (Linux). With WIFI clients it works only one time. Then it seems that the custom DNS rule isn't working anymore in WIFI. It's really strange. I have tested it with different browsers (Safari, Chrome, Firefox) and different clients (iPhone, iPad, MacBook). Today I will test it with a Windows laptop. Maybe on the Apple devices the DNS server will be overwritten by an external DNS.
-
It's hard to troubleshoot the port forward with hairpinning via the support forum. Let's just get back to the custom DNS solution here.
On a wireless client, can you please run
nslookup your_custom_dns
in the terminal or command line and see if it resolves to the correct local IP. If it does, then likely some settings in the browser are the culprit causing the failure after refreshing the page. If you want to stick to the hairpin approach, you can send an email to help@firewalla.com and we are glad to help.
-
The nslookup shows me the reverse proxy.
From the Windows laptop in WIFI everything is OK. From the ethernet PC (Linux) everything is OK. But from Apple devices in WIFI I have the problems. Looks really like Apple does not get along with custom DNS. Amazing.
With hairpinning in my old router I haven't any problems. I'll write an email because of hairpinning.
Thank you very much for your help.