(Solved) Problem with rebinding protection


Recommended Posts

I am trying to install ssl certificates following Spaceinvager One's unRAID 6.4 Overview, How to upgrade, SSL, HTTPS and Disk Encryption video, but when I get to provision, I get the warning 

Sorry, an error (403) occurred provisioning your SSL certificate. The error is: Your router or DNS server has DNS rebinding protection enabled, preventing 34796ec30bbdae301e28de01969309cc73848787.unraid.net 192.168.52.170 resolution. See Help for more details and workarounds.

I am using PFSense for routing and Pihole for DNS (both virtualised on the unRAID server). Most fixes (including Spaceinvader One's) point to the addition of the line 

server:
private-domain: "unraid.net" in Services/DNS Resolver/General Settings/Custom options. This does not fix the issue for me. 

Turning off DNS Rebind check in System/Advanced/Admin Access does not fix the issue either.

I am unable to ping 34796ec30bbdae301e28de01969309cc73848787.unraid.net (above), as it's resolving to  IP 192.168.52.130 and not 192.168.52.170 (the original IP I set the device up with, but changed within a day, long before either Pihole and PFSense were installed), so it seems that some local DNS resolution is fubar . I can't think why this old address persists and I suspect that it may be causing my problems. The server, dockers and VMs have all been started several times since the address change. 

I'm not sure if this is a PFSense, Pihole or unRAID issue, can anyone give me a pointer on how I may clear this address problem or try to fix this issue a different way

Link to comment
  • Boyturtle changed the title to (Solved) Problem with rebinding protection
On 8/11/2018 at 12:44 PM, Frank1940 said:

Go to   Settings   >>>>  Identification    >>>>    Management access   Now turn on the unRAID GUI 'Help'.  Go to the bottom of the webpage and read how to configure PFsense.  

Thanks for the pointer. What I actually needed was to update the DNS with my new IP and had no idea how to do it. Your advice took me to the link I needed and hopefully all should be well now :-)

Link to comment
  • 2 years later...
Quote

Thanks for the pointer. What I actually needed was to update the DNS with my new IP and had no idea how to do it. Your advice took me to the link I needed and hopefully all should be well now :-)

@Boyturtle This is a pretty old thread but any chance that you remember how you went about updating the DNS with the new IP? I think I am having the same issue

Edited by acherubino
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.