DNS Setting for Failover with Active Directory



  • I'm wondering about the correct DNS settings for a remote location that has a failover WAN connection and the primary DNS server is Active Directory DNS at the main location.

    The remote location's DNS settings in General are: 1. DNS server at HQ through WAN1, 2. WAN1 ISP DNS server, 3. WAN2 ISP DNS server. The clients use the pfSense firewall as their DNS server, so I would like to include the HQ DNS server as #3, through the WAN2 connection, but of course it isn't possible to specify the same DNS server IP twice on the General page.

    If my thinking is correct, and the HQ DNS server is accessed through WAN1, and WAN1 goes down causing traffic to go out through WAN2, how will the clients look up DNS entries at the HQ DNS server?

    So basically I'm looking for redundancy to the HQ DNS through both WAN connections.

    The question seemed to get a little convoluted as I was typing it; let me know if more info would be helpful.

    Thank you,

    Troy



  • In case it helps anyone else, I contacted support and got this resolved. Basically, setting the first DNS server as the internal DNS created a static route through the primary WAN connection. When the fail-over was using the secondary WAN connection, it couldn't contact the internal DNS server since the static route was through WAN1. Removing that entry and having it use the "domain overrides" seemed to fix the problem. I'll be testing early tomorrow before the users show up.
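    For reference, here is an added example (not from this thread or from pfSense's own files) of the unbound stanzas that a DNS Resolver domain override is equivalent to for an AD domain; the domain name and the HQ domain controller address are placeholders. The point of the fix above is visible here: the forward target is a plain address with no gateway attached, so the query leaves over whichever WAN the failover group currently routes by default instead of over a static route pinned to WAN1.

    ```conf
    # Placeholders: corp.example.local = AD domain, 10.0.0.10 = HQ domain controller.
    # pfSense builds the same forward-zone entries from the Domain Overrides table;
    # these lines are shown only to explain what that table does.

    server:
        # Private AD zones are not DNSSEC-signed. If "Enable DNSSEC Support" is on
        # in the Resolver, validation of the override would fail with SERVFAIL
        # unless the zone is marked insecure.
        domain-insecure: "corp.example.local"
        # The HQ server answers with RFC1918 addresses; allow them for this zone
        # so unbound's rebinding protection does not strip the answers.
        private-domain: "corp.example.local"

    # Forward lookups for the AD domain (and its subzones such as _msdcs) to HQ.
    forward-zone:
        name: "corp.example.local"
        forward-addr: 10.0.0.10

    # Reverse zone for the HQ subnet, so PTR lookups also reach the AD server
    # (assumes HQ uses 10.0.0.0/24; adjust to the real subnet).
    forward-zone:
        name: "0.0.10.in-addr.arpa"
        forward-addr: 10.0.0.10
    ```

    To confirm the failover path from the remote site, query the firewall for an AD record (for example `dig @<pfsense-lan-ip> corp.example.local SOA` from a client) once with WAN1 up and again with WAN1 disconnected; both should return the HQ server's answer, and `unbound-checkconf` on the firewall reports any syntax problem in the generated config.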
