Hello,
I found this: Install adam:ONE® (v4+) on pfSense® which I’ve used in the past.
However it seems to be obsolete. When I run configure I don’t get an option to enable DTTS. DTTS nor 443 rules are mentioned in my firewall during configuration.
Is there an updated install how-to guide?
I’m running a Netgate 2200 with the latest version of pfsense and just tried to install adam on it.
Thanks
hey @Carsonix thanks for pointing that out. The article you linked to is still the correct one, but as you noted is had not been updated to reflect some recent changes in the package.
The firewall mechanism has been modified to be entirely controlled from dashboard.adamnet.works so the option on the setup script is no longer needed. I’ve removed this from the guide.
For 443 this has also changed where adam:ONE responds to these packets directly instead of the firewall having a reject rule.
Thanks, I have it installed.
The last option was hijack DNS. I put yes. But got a warning…
DNS is hijacked to 127.0.0.1 but DNS Resolver is listening on it which will have the opposite effect of bypassing adam:ONE
Any ideas how do I fix this or what I should do? I’m by no means an expert with adam.
Also I have another problem. I can’t access any websites anymore except adamnet.works
My Laptop — WAP — Netgate with Adam — Internet
sockstat | grep amuscle doesn’t show any output.
Finally my adam web panel says my computer and router timezones are 24 hours apart. They are both set to America/Toronto. Do you know how to fix this?
Thanks
For the DNS resolver issue, you’ll want to actually just disable the DNS Resolver in pfSense to get rid of that message.
As far as not being able to access web sites, you might want to go to http://mytools.management/whoami and check what policy you’re on. And then check that policy to see what rules are enabled. You might be on an allow-list policy with none or very few rules enabled.
The message about the timezone is a known bug that will be fixed in the next release.
Thanks , it’s annoying
What’s the purpose of disabling the DNS resolver? Isn’t that necessary for resolving local domains? Or does the dashboard also handle that?
Is there any reason to leave the DNS resolver on?
There’s no point in using the DNS Resolver if you don’t have a local domain that you are managing DNS records on.
And if it’s only a few local records I prefer to use Authoritative rules on the adam:ONE Dashboard instead of mess with running two DNS servers on the router.
I recently found it necessary to run the DNS resolver in cases where the net goes down and there is no backup in place. In such cases the adam:ONE dashboard doesn’t seem to kick in with the authoritative rules. I’m going to assume that is because it can’t be reached and isn’t cached on the gateway.
Hey @Victor that’s not how it should behave, as all rules including authoritative rules run in muscle memory so whether the router has a working Internet connection or not shouldn’t make a difference.
We had an outage a week ago, and had to enable the resolver and domain overrides to get back functionality for some of the services we run on custom domains.
I think what’'s happening is that on pfSense if there is a WAN interface change detected it automatically restarts all services.
As a result the adam:ONE “muscle” restarts and since it can’t get online to fetch rules it causes custom/authoritative rules to not function.
There is a solution that can be implemented by the support team for MSS accounts that enables the muscle to store a local copy of the rules.