Netgate Discussion Forum

    DNS Query Refused over IpSec

      LamboJ

      Hi,
      I have pfSense running on an XG-7100 1U running the default Unbound DNS resolver. All the clients on the LAN side, and connected via OpenVPN, are able to resolve DNS queries without any issue.

      However, I also have an IPsec site-to-site link set up with an Azure Virtual Network. Connections work fine, i.e. I can connect from and to any host on either side. However, DNS queries coming from the Azure side get a response: "Query refused"

      I've confirmed that the DNS Resolver settings have "Network Interfaces" set to "All". Is there anything else I should set in order to allow resolving queries coming from the IPsec network?

      Thanks.

        jimp Rebel Alliance Developer Netgate

        In the DNS Resolver settings, add entries on the ACL tab to allow access for the other subnet(s)

          LamboJ

          Ah, that fixed it! Thanks for the quick response!

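Why the ACL entry in the answer above changes the result, as an added example that is not part of the thread and is not pfSense or Unbound code: a small model of Unbound's access-control lookup, where the most specific matching netblock wins and a client that matches nothing is refused. All subnets and addresses are constructed, and the LAN and OpenVPN entries are assumed to exist already because the post says those clients resolve.

```python
import ipaddress

# Constructed ACL state, not taken from the thread. Unbound applies the most
# specific matching netblock; clients matching nothing get the default action.
ACL_BEFORE = [
    ("127.0.0.0/8", "allow"),      # localhost
    ("192.168.1.0/24", "allow"),   # assumed LAN subnet
    ("10.0.8.0/24", "allow"),      # assumed OpenVPN tunnel network
]
# The fix from the answer: one entry for the remote (Azure) subnet only.
ACL_AFTER = ACL_BEFORE + [("10.1.0.0/16", "allow")]  # assumed Azure VNet range


def acl_action(rules, client_ip, default="refuse"):
    """Return the action of the longest-prefix netblock containing client_ip."""
    addr = ipaddress.ip_address(client_ip)
    best_net, best_action = None, default
    for netblock, action in rules:
        net = ipaddress.ip_network(netblock)
        if net.version != addr.version or addr not in net:
            continue
        if best_net is None or net.prefixlen > best_net.prefixlen:
            best_net, best_action = net, action
    return best_action


def audit(rules, clients):
    """Map each labelled client address to the action the ACL gives it."""
    return {label: acl_action(rules, ip) for label, ip in clients.items()}


# Constructed client addresses, one per network in the scenario.
CLIENTS = {
    "lan": "192.168.1.50",
    "openvpn": "10.0.8.6",
    "azure_vm": "10.1.0.4",
    "unrelated": "203.0.113.7",
}

if __name__ == "__main__":
    for name, rules in (("before", ACL_BEFORE), ("after", ACL_AFTER)):
        print(name, audit(rules, CLIENTS))
```

The unrelated address is still refused after the change, which is the reason to add the remote subnet itself rather than a catch-all entry.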
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.