Hostname Override for VPN Clients
-
Based on Jknotts response, I think I asked wrong... This is what I intended:
I am looking for host1.example to resolve to 192.168.1.1 from 192.168.1.0/24 and from 192.168.2.0/24 LAN2 host1.example resolves to a public IP address.
-
https://forum.netgate.com/post/905712
-
I do that, but I have an external DNS server I use. The external server has the public address and pfSense has the local address.
-
@jimp very interesting. How do I keep viewA to use resolver normally?
Something like this?
server: access-control-view: 10.0.0.0/24 viewa access-control-view: 10.0.8.0/24 viewb view: name: "viewa" local-zone: "example1.com." dynamic view: name: "viewb" local-zone: "example1.com." static local-data: "test1.example1.com. 90 IN A 10.10.10.10"Also, I have this config in my custom options for DNS over HTTPS... Is it okay to combine these options?
forward-zone: name: "." forward-ssl-upstream: yes forward-addr: 1.1.1.1@853 forward-addr: 1.0.0.1@853 server:include: /var/unbound/pfb_dnsbl.*conf -
Just don't make a second view. Only make a view for the non-default responses.
-
And yes, you can add the view stuff after just make sure to include the
server:bit on a new line first. -
This works for the single host, but no other LAN addresses resolve. Any ideas?
server: access-control-view: 10.0.8.0/24 openvpn-view view: name: "openvpn-view" local-zone: "hostame.example." static local-data: "hostname.example. 90 IN A X.X.X.X" -
This post is deleted! -
Change
statictotransparent, perhaps -
Functionality seems the same. I should note that other addresses internal only end in "example" as well.
Since I only want to resolve to public address for this override, is there any way I can force hostname.example to use a public DNS server like 1.1.1.1? and all other hostname2.example, hostname3.example, etc. use pfsense resolver normally.
