Cannot resolve locally hosted tld's when connected to Openvpn
-
Hello all, newish pfsense user here.
Openvpn clients sometimes cannot resolve full tld's which are hosted locally.
192.168.20.0/24 = dmz
192.168.30.0/24 and 192.168.4.0/24 = vpn & lan
10.0.10.0/24 = tunnel/user network
When we connect to the VPN, we get access to 192.168.20.0/24, 192.168.30.0/24 and 192.168.4.0/24
Also, when connected, we can ping/navigate to domains on the web...but we cannot resolve domains that are hosted locally. For example, our smtp server (192.168.20.xxx) is hosted locally but is not resolveable with (...say) mail.example.com (which is properly natted). When I am connected to the vpn, Thunderbird cannot resolve 'mail.example.com'. I need to disconnect in order for that to happen. Oddly though, I can ping 'mail.example.com' fine when connected.
In the VPN config, I have listed 4 DNS servers:
- Pfsense
- My ISP's DNS server
- 8.8.8.8
- 8.8.4.4
This part seems to work because, when I am connected, I can see the 4 DNS servers 'pushed' to me with the 'nmcli' command.
Lastly, a 'dig' command (when connected) on any of the above DNS servers resolves 'mail.example.com' to the proper IP.
I am not sure how to debug this any further rn...any ideas?
Thanks
-
Enabling NAT Reflection fixed my issue.