Cannot resolve local DNS Resolver from IPSec client
-
I've finally managed to set up an IPSec tunnel for my MacBook (Sierra) and PFSense. Configuration is as below in the screenshots.
Unfortunately I cannot resolve any DNS entries on the WAN/LAN when using my PFSense configured DNS resolver (192.168.1.1) as the DNS server provided to the IPSec Mobile Clients config page. If I use Google's 8.8.8.8 / 8.8.4.4 the DNS resolves successfully and all traffic is routed through the PFSense IPSec server.
I can ping WAN IP addresses with either Google or local DNS and I can successfully access the LAN with either configuration.
I am guessing it's something super simple but I am lost as to what it might be!
Any help please?
![IPSec Mobile Config.jpg](/public/imported_attachments/1/IPSec Mobile Config.jpg)
![phase 2.jpg](/public/imported_attachments/1/phase 2.jpg)
-
Duh, stupid me, had not added the IPSec addresses to the DNS resolver access list! Problem appears to be resolved.
-
Hi, I ran into the same situation as you where my ipsec clients can't access the PFsense as the DNS.
I have successfully dished out the pfsense IP as the DNS to the clients, and the clients can ping it no problem.
But when trying to do a resolve I get Query refused:

```
nslookup yahoo.com 192.168.1.1
Server: UnKnown
Address: 192.168.1.1
*** UnKnown can't find yahoo.com: Query refused
```

I had added the IPSEC /24 network to the DNS resolver access list, but still no luck. Is there anything else you have to do??
Much appreciated.
Thanks.
-
Hi, never mind, I found the issue. Some time ago I installed BIND, and I think it's conflicting. I stopped BIND and it works now. Thanks.
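
The access-list fix from the first resolution above, as an added example that is not part of the original thread: the pfSense DNS Resolver is Unbound, which picks the most specific matching `access-control` netblock and refuses every non-localhost source that matches none. The LAN range (192.168.1.0/24) and the IPsec mobile client pool (10.10.10.0/24) are assumed values, since the thread gives neither.

```python
import ipaddress

# Unbound's built-in default: localhost allowed, every other source refused.
DEFAULT_ACL = [("127.0.0.0/8", "allow"), ("::1/128", "allow"),
               ("0.0.0.0/0", "refuse"), ("::/0", "refuse")]

def parse_acl(conf_text):
    """Extract (netblock, action) pairs from unbound.conf-style text."""
    rules = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        if not line.startswith("access-control:"):
            continue                              # skips access-control-tag etc.
        fields = line.split(":", 1)[1].split()
        if len(fields) == 2:
            rules.append((fields[0], fields[1]))
    return rules

def decide(client_ip, rules):
    """Return (action, netblock) for the most specific netblock that matches."""
    ip = ipaddress.ip_address(client_ip)
    best = None
    for block, action in DEFAULT_ACL + rules:
        net = ipaddress.ip_network(block, strict=False)
        if net.version == ip.version and ip in net:
            # '>=' lets a configured rule override a default of equal length
            if best is None or net.prefixlen >= best[1].prefixlen:
                best = (action, net)
    return best[0], str(best[1])

def refused_clients(conf_text, clients):
    """Clients whose queries would not be answered under this config."""
    rules = parse_acl(conf_text)
    return [c for c in clients if not decide(c, rules)[0].startswith("allow")]

# Constructed sample configs (assumed subnets, see lead-in).
BEFORE = """
server:
    access-control: 192.168.1.0/24 allow      # LAN only
"""
AFTER = BEFORE + "    access-control: 10.10.10.0/24 allow   # IPsec mobile clients\n"

if __name__ == "__main__":
    for label, conf in (("before", BEFORE), ("after", AFTER)):
        for client in ("192.168.1.50", "10.10.10.2"):
            print(label, client, *decide(client, parse_acl(conf)))
```

If a client is still refused with a matching allow entry in place, check which daemon is actually answering on port 53; in the second case above that turned out to be BIND.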