DNS problem when NS is used as a domain controller

Did you already try to change this to 192.168.2.1 to use your pfsense DNS?

I assume this is from the domain-joined client. On the not-joined clients the pfsense DNS resolves correctly?

Please test with name instead of IP like ping science.ibiopro... to see what IP ping gives back.

When you choose a default certificate, it is copied to /etc/pki/tls/certs/localhost.crt, so the script copies letsencrypt certs too.


Exactly

using name =
Y:>ping science.ibiopro.com
Ping request could not find host science.ibiopro.com. Please check the name and try again.

The problem is the same from pfSense: Host “science.ibiopro dot com” did not respond or could not be resolved.

That’s why I felt there is a problem with the DNS portion of my NS server. It doesn’t perform name resolution.

Are you sure? Because dig or nslookup don’t give back an IP:

# dig science.ibiopro.com
;; flags: qr rd ra; QUERY: 1, ANSWER: 0

# nslookup science.ibiopro.com
** server can't find science.ibiopro.com: NXDOMAIN

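The dig and nslookup output above is the key evidence: the server replied (flags qr rd ra, ANSWER: 0, and NXDOMAIN), which is a different failure from a query that never gets a reply at all. Added example, not code from the thread or from NethServer: a small Python tool that builds an A query in DNS wire format, sends it to one chosen server over UDP, and reports the response code and any A records, so a blocked port 53 (timeout) and a server that answers NXDOMAIN are told apart. The server address 192.168.2.9 comes from the thread; the names under .test and the embedded reply bytes are constructed for the example.

```python
"""Minimal DNS A-record query tool (added example, not the project's code).

Distinguishes "server answered NXDOMAIN" from "server did not answer",
which ping and nslookup report almost identically.
"""
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Encode a standard recursive A/IN query for `name` in wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD bit set
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def _read_name(msg: bytes, offset: int):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, jumped, end = [], False, offset
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # compression pointer (RFC 1035 4.1.4)
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset = True, pointer
            continue
        if length == 0:
            if not jumped:
                end = offset + 1
            break
        offset += 1
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end


def parse_response(msg: bytes) -> dict:
    """Return the rcode name and the A-record IPs found in the answer section."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset = 12
    for _ in range(qd):  # skip the echoed question section
        _, offset = _read_name(msg, offset)
        offset += 4
    addresses = []
    for _ in range(an):
        _, offset = _read_name(msg, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addresses.append(".".join(str(b) for b in rdata))
    return {"id": txid, "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)), "addresses": addresses}


def query(server: str, name: str, timeout: float = 2.0) -> dict:
    """Send one A query to `server`; socket.timeout means no reply at all."""
    q = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(q, (server, 53))
        data, _ = s.recvfrom(4096)
    resp = parse_response(data)
    if resp["id"] != struct.unpack("!H", q[:2])[0]:
        raise ValueError("transaction id mismatch")
    return resp


# Constructed sample reply (not captured from the thread): NOERROR answer for
# science.example.test -> 192.168.2.54, answer name given as a pointer to the question.
SAMPLE_REPLY = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + build_query("science.example.test")[12:]
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 168, 2, 54])
)

if __name__ == "__main__":
    import sys
    server, name = (sys.argv[1], sys.argv[2]) if len(sys.argv) == 3 else ("192.168.2.9", "science.example.test")
    try:
        print(query(server, name))
    except socket.timeout:
        print(f"no reply from {server}: port 53 blocked or server down, not NXDOMAIN")
```

Run it as `python dnsq.py 192.168.2.9 science.ibiopro.com` from a LAN client: an `NXDOMAIN` result means the server received the query and has no such record in any zone it serves or forwards to, which is the case this thread is about; a timeout is the firewall question raised later in the thread.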

out of curiosity could it be something simple like port 53 being blocked

No, the DNS entries are simply non-existent, as a check with Google or Whois will show:

nslookup -query=any science.ibiopro.com 8.8.8.8
nslookup -query=any ibiopro.com 8.8.8.8

The Subdomain does not exist, the domain does…

Not really an issue with NethServer, but handling DNS at a Registrar… :slight_smile:

so godaddy

In that case, out of curiosity, could you show us what you’ve set up in GoDaddy in terms of your host record (A record)?

And in case it helps, check out this link: https://au.godaddy.com/help/add-an-a-record-19238

We’re mixing 2 things here, and it’s normal since I mentioned them earlier.

The internal DNS resolution with NS appears not to be working. This is my biggest issue since, if that portion would work properly, I wouldn’t have to rely on godaddy to access my internal servers aka hairpin DNS like Andy said.

Therefore, I disabled the external DNS config to concentrate on the NS DNS only. The results from above = internal DNS resolution issues.

My main issue = that any DNS entries I add to NS are unresolvable via nslookup, and this, regardless:

  • if I use their direct IP address in the DNS entry
  • if I use the reverse proxy address in the DNS entry and point the reverse proxy to the real IP/port

I really think the issue is with NS’ DNS.

Your thoughts?

…and guys… thank you for the brainstorm. It’s really appreciated :slight_smile:

What do you get on a PC behind NethServer on the console (DOS-Console)…

ping 8.8.8.8

Does this get an answer?

nslookup www.google.com. 8.8.8.8

Please copy the output here…

nslookup www.google.com.

Please also copy the output of this to the forum…

Note:

The final dot at the end of www.google.com. is important!

Thx

My 2 cents
Andy

yes: the ping works.

Output of both nslookup commands (screenshot):

In the second nslookup, that would mean your Nethserver is answering. Your LAN is resolving DNS…

Agree… but not DNS entries manually added to NS. what would explain this?

If the domain is not existing, it may be - I’ve never tried.
Removing an A record will not remove a domains “ANY” record…
Get the domains right and try again…

My 2 cents
Andy

I think you are misunderstanding how clients use DNS servers: if you get a reply from the first DNS server IP, the second one will never get a request.
Maybe you can try to chain them in this way:
first DNS server for your LAN (AD 192.168.2.9): this one resolves internal device names and forwards queries to 192.168.2.1 (pfSense). This second one resolves names for your exposed services and (if you use the resolver service, not the forwarding one) all external domains.

Stefano

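The point in the post above (a client does not fall back to its second DNS server when the first one answers NXDOMAIN, so the servers have to be chained by forwarding rather than listed side by side) is easy to get wrong, so here is an added example that models both layouts; it is not code from the thread or from NethServer. The addresses 192.168.2.9 and 192.168.2.1 are the ones from the thread; the zone contents and names under .test are constructed.

```python
"""Model of stub-resolver behaviour vs. forwarder chaining (added example)."""

NXDOMAIN = "NXDOMAIN"


class Resolver:
    """A DNS server with its own records and an optional forwarder."""

    def __init__(self, name, zone, forwarder=None):
        self.name = name
        self.zone = zone            # records this server holds: qname -> IP
        self.forwarder = forwarder  # Resolver asked for names not in `zone`
        self.queries = []           # every qname this server was asked

    def resolve(self, qname):
        self.queries.append(qname)
        if qname in self.zone:
            return self.zone[qname]
        if self.forwarder is not None:
            return self.forwarder.resolve(qname)
        return NXDOMAIN


def client_lookup(servers, qname):
    """Stub resolver: the first server that *responds* settles the query.
    NXDOMAIN is a response, so the client does not move on to the next server."""
    for srv in servers:
        if srv is None:       # models a server that never answers (timeout)
            continue
        return srv.resolve(qname)
    return NXDOMAIN


# Constructed zones (assumptions, not the poster's real records):
INTERNAL = {"dc.corp.test": "192.168.2.9", "app.corp.test": "192.168.2.54"}
EXPOSED = {"science.corp.test": "203.0.113.10"}   # public-facing service
WORLD = {"www.example.test": "198.51.100.7"}      # stands in for the Internet


def side_by_side_layout():
    """Client lists AD then pfSense as DNS 1 / DNS 2; no forwarding between them."""
    ad = Resolver("AD 192.168.2.9", INTERNAL)
    pf = Resolver("pfSense 192.168.2.1", EXPOSED, forwarder=Resolver("upstream", WORLD))
    result = client_lookup([ad, pf], "science.corp.test")
    # pfSense holds the record, but AD answered NXDOMAIN first, so it is never asked.
    return {"answer": result, "pfsense_asked": bool(pf.queries)}


def chained_layout():
    """Client uses only AD; AD forwards unknown names to pfSense, pfSense to upstream."""
    upstream = Resolver("upstream", WORLD)
    pf = Resolver("pfSense 192.168.2.1", EXPOSED, forwarder=upstream)
    ad = Resolver("AD 192.168.2.9", INTERNAL, forwarder=pf)
    return {
        "internal": client_lookup([ad], "app.corp.test"),
        "exposed": client_lookup([ad], "science.corp.test"),
        "external": client_lookup([ad], "www.example.test"),
        "unknown": client_lookup([ad], "nothing.corp.test"),
    }


if __name__ == "__main__":
    print("side by side:", side_by_side_layout())
    print("chained:     ", chained_layout())
```

In the side-by-side layout the record for the exposed service exists on pfSense, yet the client sees NXDOMAIN because the AD server answered first; only a second server that never replies at all would make a stub resolver try the next address. With forwarding, every client query goes to the domain controller and each layer answers for what it knows.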

sorry mrmarkuz, I think I did some mistake answering to iampellegrino… the misunderstanding was not for you, was for him


Thanks for your reply @gatto

In the above example, the request for science.ibiopro. com goes to 192.168.2.9 (NS DNS) but it’s not finding anything in its DNS zone. That is my problem now. I’m not trying to resolve the external A record anymore. I’m focusing on the internal DNS problem.

  1. NS DNS = 192.168.2.9
  2. Adding an A record to DNS 192.168.2.9 → science.ibiopro. com
  3. Running nslookup against this DNS to resolve that exact A record from a domain-joined machine using DNS 192.168.2.9, OR manually selecting the DNS 192.168.2.9 in my nslookup command, results in not resolving this A record
  4. Can ping A record w/o any issue = 192.168.2.54…
  5. Can even access web page on port 80 or 443 of A record 192.168.2.54

How is it that DNS 192.168.2.9 (the NS DNS) can’t resolve its own manually added A record?
Should I attempt to reinstall NS to see if this is a bug within this install?

This is where I’m blocked now… :frowning:

NB: Guys… in case we don’t talk during the holidays… I wish everyone good and safe holidays.

D.

Have you tried to configure NS server to forward queries to pfsense?

Just need a bit more info, as it still seems to be a misconfiguration.

First, what do you have on the first page of the Cockpit dashboard for your hostname and DNS?

for example this is mine

Hostname/Alias = orion.ksatdesign.com.au

DNS = 10.1.1.1 , 1.1.1.1  # the first points to my firewall (OPNsense), the second to Cloudflare public DNS

Second:
check your system time on the dashboard is the current date and not something in 1970.

Third:

check your /etc/hosts file contains the internal IP:
cat /etc/hosts

Fourth:

check your network configuration in the dashboard is set correctly,

for example, you have one green interface that is set with the internal IP of your NethServer and the gateway of your pfSense.

And lastly, check in the DNS section (not the first Cockpit page, that’s resolvers) that you have a record that points your server to the EXTERNAL IP, not the internal (as the server knows its own internal IP automatically and does not need it set, but does need the external IP), and has the wildcard option ticked.

Also make sure you reference your pfSense in here with its internal IP, and your network (FQDN without the server, i.e. domain.com) with your external IP, but don’t set wildcard, and add your DC container pointing to its IP.

PS: if you’re doing any tests from your Windows machine, make sure the Windows DNS server is set to NethServer, not the pfSense.

After, if everything is working, set up Unbound DNS on pfSense to mirror the DNS config from NethServer (manually type the records as they appear in NethServer); set DHCP to use pfSense for DNS 1 and NethServer for DNS 2, the gateway being pfSense.

Now on GoDaddy make sure your records there point to your external IP, not your internal.

Yup… not working either.