DNS Query Refused over IpSec
-
Hi,
I have Pfsense running on an XG-7100 1U running the default Unbound DNS resolver. All the clients on the LAN side, and connected via OpenVPN are able to resolve dns queries without any issue.However, I also have an IpSec site-to-site link set up with an Azure Virtual Network. Connections work fine, i.e. I can connect from and to any host on either side. However dns queries coming from the Azure side get a response: "Query refused"
I've confirmed that the DNS resolve settings have "Network Interfaces" set to "All" Is there anything else I should set in order to allow resolving queries coming from the IpSec network?
Thanks.
-
In the DNS Resolver settings, add entries on the ACL tab to allow access for the other subnet(s)
-
Ah, that fixed it! Thanks for the quick response!