Netgate Discussion Forum

    OpenVpn Site-to-Site Dns resolver

    • vettalex

      Good evening everyone, I ran into a DNS configuration problem:

      • I have 2 offices, A and B, connected by VPN through OpenVPN Site-to-Site, and the respective networks can be seen and pinged easily.
      • Site A 10.10.4.x
      • Site B 10.10.2.x
      • In site A I have a DC server 2012r2 with IP 10.10.4.253
      • In site A I can connect to all devices (NAS, printers, VMs, etc.) via hostname given by the DNS of the DC 2012
      • From site B I can't use hostnames to communicate, only IPs.

      How do I fix it?
      • viragomann @vettalex

        @vettalex
        How do site B devices resolve host names? Do you provide the DNS server from site A or forward the local domain somehow?

        If you have different local domains at A and B you need to append the domain for host names from the remote site.

        • vettalex @viragomann

          @viragomann hello and thanks for replying to me:

          • Site B resolves via pfSense (which is also the gateway and the DHCP server), which has the IP 10.10.2.254.
          • Both site A and site B have the same domain, which is domainclient.local.
          • In site A the DNS server is also the Domain Controller, i.e. 10.10.4.253, while the gateway and DHCP server role is handled by the pfSense of site A, which has the IP 10.10.4.1

          The domain of the DC is also domainclient.local, while the host names of the 2 pfSense boxes are: Site A pfsensesitea and Site B pfsensesiteb

          • viragomann @vettalex

            @vettalex
            If you have a Windows DC with DNS it's recommended to also have the DHCP on this server.

            For resolving A host names at B, either add host overrides to site B DNS or forward DNS requests to A. For the latter, set the DNS of A as the primary in B pfSense System > General Setup and, in case of DNS Resolver, switch it to forwarding mode.

            • vettalex @viragomann

              @viragomann I tried to do the configuration preferring DNS Forwarder, but it still fails to resolve. I sent all the configuration screens of the pfsense Site B, where am I wrong?
              SedeB_10.10.2.254_system.php.png SedeB_10.10.2.254_services_unbound.php.png SedeB_10.10.2.254_services_dnsmasq.php.png

              • viragomann @vettalex

                @vettalex
                What if you try to resolve the full host names with the domain appended?

                I suspect there is an issue due to the equal domain names on both sites.
                I had a similar setup in the past, but with different local domains, which worked flawlessly. However, I used the DNS Resolver and configured a domain override for the remote network.

                • vettalex @viragomann

                  @viragomann Hi, I solved it! Your advice got me reasoning. I am sending you the configuration I did: 10.10.2.254_services_dnsmasq.php.png

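
Added example, not part of any post in this thread: the "domain override for the remote network" that viragomann describes for the DNS Resolver, written as a plain unbound.conf fragment for the site B resolver. It assumes site B runs Unbound and can reach 10.10.4.253 over the tunnel; pfSense generates its own Unbound configuration from the GUI, so the file form and the rebinding settings shown here are assumptions.

```conf
# Added example: plain unbound.conf fragment for the site B resolver.
# Values taken from the thread: domainclient.local, DC/DNS at 10.10.4.253,
# site A network 10.10.4.x. Everything else is an assumption.
server:
    # .local has no signed delegation from the root, so with DNSSEC
    # validation enabled the DC's answers would be rejected as bogus.
    domain-insecure: "domainclient.local"
    # May also be needed for the private reverse zone.
    domain-insecure: "4.10.10.in-addr.arpa"

    # Assumed rebinding protection: strip 10.x addresses from answers,
    # except for the internal domain, so the protection stays active
    # for every other name.
    private-address: 10.0.0.0/8
    private-domain: "domainclient.local"

    # Unbound answers 10.in-addr.arpa from a built-in empty zone by
    # default; lift that for site A's reverse zone so PTR queries
    # reach the DC.
    local-zone: "4.10.10.in-addr.arpa." nodefault

# Forward lookups for the AD domain go to the DC at site A.
forward-zone:
    name: "domainclient.local"
    forward-addr: 10.10.4.253

# Reverse lookups for site A addresses go to the same server.
forward-zone:
    name: "4.10.10.in-addr.arpa"
    forward-addr: 10.10.4.253
```

Only the internal domain and site A's reverse zone are sent across the VPN; all other queries keep using the resolver's normal upstream path.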