I’ve been having a very confusing issue where the System Check page show’s the following on all domains/sub-domains:
Nameserver glue records are incorrect. The ns1.[domain] and ns2.[domain] nameservers must be configured at your domain name registrar as having the IP address [IP]. They currently report addresses of [Not Set]/[Not Set]. It may take several hours for public DNS to update after a change.
In the Ubuntu CLI I also see:
sudo: unable to resolve host [domain]: Resource temporarily unavailable
Which starts to crop up during the installation of MIAB…
The biggest confusion is - everything functions perfectly! What is this DNS issue!?
Further issues which I persume are related…
I also have these on the System Check page:
|SSH Login (ssh) is running but is not publicly accessible at [IP].|
|Incoming Mail (SMTP/postfix) is running but is not publicly accessible at [IP].|
|Outgoing Mail (SMTP 587/postfix) is running but is not publicly accessible at [IP].|
|IMAPS (dovecot) is running but is not publicly accessible at [IP].|
|Mail Filters (Sieve/dovecot) is running but is not publicly accessible at [IP].|
|The SSH server on this machine permits password-based login. A more secure way to log in is using a public key. Add your SSH public key to $HOME/.ssh/authorized_keys, check that you can log in without a password, set the option ‘PasswordAuthentication no’ in /etc/ssh/sshd_config, and then restart the openssh via ‘sudo service ssh restart’.|
Again the confusions are… MIAB is reachable publicly, via IP and domain and is functionioning perfectly… The SSH server also does NOT accept password based logins…
Why am I seeing all of these incorrect reports?
I suspect it has something to do with pfSense - but I just cannot figure it out. I’ve tried turning on NAT reflection as others have suggested in the links below… but it makes no difference.
dig @[Local IP] [Domain] any
Which checks out fine!
When I try:
dig @[Remote IP] [Domain] any
Everything times out which is leading me to believe this is definetly an issue with my pfSense setup…