What's new

Configure two clients to use different DNS pfsense?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Fingers

Regular Contributor
I run pfsense in my home enviroment. I have two media streamers connected (one wired, one wifi). I use a smartDNS service to access my subscription services in one country, but on my second meadia streamer I need to access the services in my current location.

Is this possible without creating VLAN's? I want to try to keep the network as simple as possibe, as if I am away, my wife may run into issues too technical for her if things need to be tweaked ect.
 
Unfortunately the devices auto look for google dns servers to aid geo lock. So i have currently blocked all other dns requests except the smartdns manually entered in general settings.
 
Can you set static dhcp address and specify dns server there. In OpnSense you can, and its very similar to pfsense I have heard.
 
I run pfsense in my home enviroment. I have two media streamers connected (one wired, one wifi). I use a smartDNS service to access my subscription services in one country, but on my second meadia streamer I need to access the services in my current location.

Is this possible without creating VLAN's? I want to try to keep the network as simple as possibe, as if I am away, my wife may run into issues too technical for her if things need to be tweaked ect.
I have not used the DNS proxy services. Well, I tried briefly, but since I have a dynamic IP, I can not bother others in my household with the ip validation process each time they want to stream. So using vpn worked better for me.

I route my subscription media services that block vpns to a TorGuard dedicated IP using a combination of firewall alias containing domain names and ASN ipv4 lookups using pgBlockerNG. Other media traffic is routed to another major media market to give me more channels using the same technique.

The author of this guide is doing some tricky stuff with DNS that may help with your use case. But VLANs may be required.

https://www.techhelpguides.com/2017/06/12/ultimate-pfsense-openvpn-guide/
 
1.png
Can you set static dhcp address and specify dns server there. In OpnSense you can, and its very similar to pfsense I have heard.


I tried this but it still uses the smartDNS even when I disabled the firewall rules to force the DNS.
 
Last edited:
I have not used the DNS proxy services. Well, I tried briefly, but since I have a dynamic IP, I can not bother others in my household with the ip validation process each time they want to stream. So using vpn worked better for me.

I route my subscription media services that block vpns to a TorGuard dedicated IP using a combination of firewall alias containing domain names and ASN ipv4 lookups using pgBlockerNG. Other media traffic is routed to another major media market to give me more channels using the same technique.

The author of this guide is doing some tricky stuff with DNS that may help with your use case. But VLANs may be required.

https://www.techhelpguides.com/2017/06/12/ultimate-pfsense-openvpn-guide/


Thanks I will take a look :)
 
I have tried everything mentioned but I think there must be some block when using smartDNS servers, to limit traffic through their servers only. I didnt want to use VPN as this slows the stream down too much.
 
I have tried everything mentioned but I think there must be some block when using smartDNS servers, to limit traffic through their servers only. I didnt want to use VPN as this slows the stream down too much.
Does the CPU in your pfSense build support AES-NI?

I have AES-NI feature enabled using an Intel i5 CPU. I use AES-128-GCM for best performance. See metrics at the link below.

https://x3mtek.com/openvpn-performance/

Huge vpn performance improvement compared to my Asus AC88U. My access point is now an Asus AC1900. I was using a D-Link 880L flashed with DD-WRT as the AP prior to using the AC1900. WiFi performance over the vpn tunnel saw an improvement as a result of the change.
 
Yes im using an intel G4400 cpu. Im on an 80/20 line pulling 76/18.

Purevpn and expressvpn i have tried and got very inconsistent results, in that it would steam fine for a while then quality dropped up and down depending on the time of day.

Maybe i should give it another go with a different provider for the sake of simplicity.

Excellent article by the way, thank you.
 
I use ExpressVpn on my pfsense on selected devices such as media streamers. My smart tv is connected to my local isp to stream local media contents.

I used Pfsense DNS resolver over TLS on Cloudflare and Quad9 dns with no leaks.

Link provided with Xentrx is a good starting point.

I also use Pfblockerng and Suricata on a Dual core Kabylake and it work pretty well. I am connected to an east coast Openvpn server 14k miles away and no problem with speed. Your Pfsense hardware is capable of doing it.
 
Thanks to everyone that replied. I did in the end find a VPN with better performance. All my devices are being routed accroding to their needs. And DNS routed over TLS. Speed is good and zero buffering ect.

Thank you.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top