On 07/27/2016 08:45 AM, Philipp Tölke wrote:
> since the update to 2.3.2 yesterday our external devices do not get
> DNS-Replies anymore.

What version was this firewall running previously?

> We have configured the DNS-Forwarder to listen on the interface and
> sockstat shows it's listening on *:53. We have a rule allowing everything
> to pass to "self" on port 53.
>
> With tcpdump I can see that the queries reach the firewall but no
> responses get sent out.
>
> The log of the DNS-Forwarder shows many entries like "Jul 27 14:36:22
> dnsmasq 83840 failed to send packet: Host is down".
>
> Is this a known problem? Is there anything I can do?

Check the system routing table. From the sound of the errors, it would appear that the firewall routing table does not include a route back to the VPN client subnet.

Jim
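
The routing-table check suggested in the reply above, as an added example (not code from the thread or from pfSense): it parses text in the layout of `netstat -rn -f inet` and reports which route a reply to the client subnet would take. The sample table, all addresses, the interface names and the subnet 10.0.8.0/24 are constructed assumptions.

```python
import ipaddress

# Constructed sample in the layout of FreeBSD `netstat -rn -f inet`;
# every address and interface name here is made up for illustration.
SAMPLE_ROUTES = """\
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS        em0
10.0.8.0/24        10.0.8.2           UGS     ovpns1
10.0.8.1           link#7             UHS        lo0
127.0.0.1          link#4             UH         lo0
192.168.1.0/24     link#2             U          em1
203.0.113.0/24     link#1             U          em0
"""

def parse_routes(text):
    """Return (network, gateway, netif) tuples from netstat -rn style text."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] == "Destination":
            continue  # banner, blank line or column header
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # destination is not an IP prefix
        routes.append((net, fields[1], fields[3]))
    return routes

def return_route(routes, client_subnet):
    """Most specific route that covers the whole client subnet, or None."""
    subnet = ipaddress.ip_network(client_subnet)
    covering = [r for r in routes
                if r[0].version == subnet.version and subnet.subnet_of(r[0])]
    return max(covering, key=lambda r: r[0].prefixlen, default=None)

def diagnose(routes, client_subnet):
    """Classify the return path for replies to the client subnet."""
    route = return_route(routes, client_subnet)
    if route is None:
        return "no route"
    if route[0].prefixlen == 0:
        return "default only: " + route[2]  # replies leave via the default gateway
    return "specific: " + route[2]

if __name__ == "__main__":
    print(diagnose(parse_routes(SAMPLE_ROUTES), "10.0.8.0/24"))
```

A result of "no route" or "default only" for the client subnet means replies are not being sent back over the interface the clients arrive on.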