
Configuring pfSense® to use Lumiun DNS with identification of internal network devices

This configuration will cause pfSense® to forward DNS requests to Lumiun DNS, including the IP address and MAC address of devices performing DNS queries on the internal network. The configuration is done in the pfSense® DNS Forwarder service, which is dnsmasq.

Starting the configuration

Once this configuration is complete, all devices on the local network that use this pfSense® (and its DNS Forwarder) as a DNS server will be subject to the rules defined in the Policy assigned to the site used in the configuration.

In this procedure, the DNS Resolver (unbound) will be disabled and only the DNS Forwarder (dnsmasq) will be used, forwarding DNS requests to Lumiun DNS servers.

Disable the pfSense® DNS Resolver

  1. Go to the Services > DNS Resolver menu.

  2. Uncheck the Enable DNS resolver option, or leave it unchecked if it is already disabled.

  3. Save the configuration by clicking the Save button and confirm by clicking Apply Changes.

This Lumiun DNS configuration is performed through the DNS Forwarder. If you need to use pfSense® DNS Resolver, see the following article: Configuring pfSense® to use Lumiun DNS via DoT.

Configure the pfSense® DNS Forwarder to use Lumiun DNS

  1. Go to the Services > DNS Forwarder menu.

  2. Check the Enable DNS forwarder option, or leave it checked if it is already enabled.

  3. In Listening port, keep the value 53.

  4. In Interfaces, select (by holding down the Ctrl key) the LAN and Localhost options.

  5. Enter the following content in the Custom Options box, replacing abcd1234 with the ID of the desired site (see the ID on the sites page).

    add-cpe-id=abcd1234
    server=dns_server_1
    server=dns_server_2
    server=dns6_server_1
    server=dns6_server_2
    server=/in-addr.arpa/8.8.8.8
    add-mac
    no-resolv
    bogus-priv
    umbrella

    The values for dns_server_1, dns_server_2, dns6_server_1, and dns6_server_2 must be entered as specified in the configuration for the respective site on the sites page.

  6. Save the configuration by clicking the Save button and confirm by clicking Apply Changes.

  7. Go to the System > General Setup menu and, if there is a DNS server entered in DNS Server Configuration, remove it and save the changes.

  8. If the DNS Server Override option is checked, uncheck it. In DNS Resolution Behavior, leave the Use Local DNS, ignore remote DNS Servers option selected. Save the changes.

  9. That's it! You can now view reports on your Lumiun DNS dashboard and also define policy rules.

Warning: If you are using pfSense® versions prior to 2.6, you may need to remove the “umbrella” option from the custom options; in that case, pfSense® will not send internal IP addresses to be included in Lumiun DNS reports.
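
A pre-save check for the Custom Options block from step 5, added here as an example (it is not Lumiun's or pfSense®'s own code): it reports placeholders that were left in place and options that are missing. The function name, the `require_umbrella` parameter, the sample site ID and the documentation-range addresses (192.0.2.x, 2001:db8::/32) are assumptions made for the illustration.

```python
import ipaddress

# The page's template, unchanged: site ID and server placeholders not filled in.
TEMPLATE = """add-cpe-id=abcd1234
server=dns_server_1
server=dns_server_2
server=dns6_server_1
server=dns6_server_2
server=/in-addr.arpa/8.8.8.8
add-mac
no-resolv
bogus-priv
umbrella"""

# Constructed sample: made-up site ID and documentation-range addresses.
FILLED = (TEMPLATE.replace("abcd1234", "ex4mpl3x")
          .replace("dns_server_1", "192.0.2.1").replace("dns_server_2", "192.0.2.2")
          .replace("dns6_server_1", "2001:db8::1").replace("dns6_server_2", "2001:db8::2"))

def lint_custom_options(text, require_umbrella=True):
    """Return a list of problems found in a DNS Forwarder Custom Options block."""
    flags, upstreams, problems, cpe_id = set(), [], [], None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        if key == "add-cpe-id":
            cpe_id = value
        elif key == "server":
            # "/domain/addr" routes one domain only; drop any "@source" or "#port".
            addr = value.rsplit("/", 1)[-1].split("@")[0].split("#")[0]
            try:
                ipaddress.ip_address(addr)
            except ValueError:
                problems.append(f"server={value}: not an IP address (placeholder left in?)")
                continue
            if not value.startswith("/"):
                upstreams.append(addr)
        else:
            flags.add(key)
    if cpe_id in (None, "", "abcd1234"):
        problems.append("add-cpe-id: missing or still the page's placeholder abcd1234")
    if not upstreams:
        problems.append("no general upstream server= line with a valid address")
    # Without no-resolv, dnsmasq also takes upstream servers from /etc/resolv.conf.
    needed = {"add-mac", "no-resolv", "bogus-priv"}
    if require_umbrella: needed.add("umbrella")
    problems += [f"{flag}: option missing" for flag in sorted(needed - flags)]
    return problems
```

For pfSense® versions prior to 2.6 where “umbrella” has been removed as the warning describes, call it with `require_umbrella=False`.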