Just two keys…


Configuring DNS

Before BIND can be enable the other DNS servers will need to be disabled..
  • Navigate to Services - DNS Forwarder.
  • Deselect 'Enable' and save the changes (if any where made).
  • Navigate to Services - DNS Resolver.
  • Deselect 'Enable' and save the changes (if any where made).

Configuring BIND
  • Navigate to Services - BIND DNS Server.
  • On the Settings tab set the following…
Daemon Settings:
  • Enable BIND: Checked
  • IP Version: IPv4
  • Listen on: LAN
  • Enable Notify: deselected
  • Hide Version: Checked
  • Limit Memory Use: 256M
Logging Options:
  • Enable Logging: Checked
  • Logging Severity: Info
  • Logging Options: Default
Response Rate Limit:
  • Rate Limit: Checked
  • Limit Action: Deny query
  • Limit:
Forwarder Configuration:
  • Enable Forwarding: Checked
  • Forwarder IPs:;;
Custom Options:
Global Settings:
  • Select Save
  • Navigate to the Views tab and select Add…
General Options:
  • View Name: LAN View
  • Description: The only view needed...
  • Recursion: Yes
  • match-clients: any
  • allow-recursion: any
Custom Views:
  • Select Save
  • Navigate to the Zones tab and select Add…
Domain Zone Configuration:
  • Disable This Zone: deselected
  • Zone Name: lan.net
  • Description: Local LAN
  • Zone Type: Master
  • View: LAN View
  • Reverse Zone: deselected
  • IPv6 reverse Zone: deselected
  • Custom Option:

  • Leave everything deselected
Slave Zone Configuration:
  • Leave blank
Forward Zone Configuration:
  • Leave blank
Master Zone Configuration:
  • TTL: 128
  • Name Server: utm
  • Base Domain IP: leave blank
  • Mail Admin Zone: leave blank
  • Serial: leave blank
  • Refresh: 1d
  • Retry: 2h
  • Expire: 4w
  • Minimum: 1h
  • allow-update: none
  • Enable update-policy: deselected
  • update-policy: leave blank
  • allow-query: any
  • allow-transfer: deselected
Zone Domain records:
  • Enter Domain Records
  • utm, A,
  • nas, A,
Custom Zone Domain Records:

Resulting Zone Config File:

  • Select Save

Progress Check

At this point any client computer connected to the LAN interface should be able to browse the internet, also browse to the local NAS and pfSense web interfaces using their respective domain names…