DNS Resolver doesn't work in VPN
-
I have configured DNS Resolver to associate a URL like crm.my-host.local to the IP address of the server in the DMZ.
If I use this URL on a PC in the office it works.
On the other hand, if I use this URL on a PC connected with OpenVPN, then I can't find the page.
The VPN is working fine and the IP is reachable with a ping.
If I use the IP of the server, the page is reachable.
What am I doing wrong?
-
Have you added the OpenVPN IP range to Unbound's allowed access list?
/Bingo
-
@bingo600
I put 10.101.101.0/24, but it is always unreachable.
-
What IP did you set for your vpn client to use for dns - is unbound listening on that IP?
Do your openvpn rules allow for it?
Simple test: do a directed DNS query towards the pfSense IP you set for DNS in the VPN client. Do you get an answer? Use your fav tool: nslookup, dig, host, etc.
And yes your unbound acls have to allow for the vpn tunnel network to do queries.
-
@johnpoz
I don't understand what I should do.
The VPN works and I can access the servers in the DMZ using their IP address.
The IP 10.101.101.0 is that of the VPN.
My PC IP is 10.101.101.2
-
And what did you point your vpn client dns to?
Here for example in my vpn server setup I point the vpn clients to 192.168.3.10 for dns..
-
@whitetiger-it
Thank you, this resolved my issue.
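
Added example, not written by any poster in this thread: a small evaluator for Unbound `access-control` lines, showing why a VPN client such as 10.101.101.2 is refused until the tunnel network is in the access list. It assumes the behaviour given in the unbound.conf documentation (the most specific matching netblock wins, unmatched clients are refused); the config lines and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of access-control lines; not taken from the thread's firewall.
SAMPLE_CONF = """
server:
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.3.0/24 allow    # constructed LAN range
    access-control: 10.0.0.0/8 refuse       # constructed broad block
"""

def parse_acl(conf_text):
    """Return a list of (network, action) for every access-control line."""
    rules = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        if not line.startswith("access-control:"):
            continue
        parts = line.split(":", 1)[1].split()         # "<netblock> <action>"
        if len(parts) != 2:
            continue                                  # malformed line, skip it
        rules.append((ipaddress.ip_network(parts[0], strict=False), parts[1]))
    return rules

def action_for(client_ip, rules, default="refuse"):
    """Action for a client: the longest matching prefix wins, else the default."""
    ip = ipaddress.ip_address(client_ip)
    matches = [(net.prefixlen, action) for net, action in rules
               if net.version == ip.version and ip in net]
    if not matches:
        return default
    return max(matches, key=lambda m: m[0])[1]

def can_query(client_ip, rules):
    """True when the resolver would answer this client at all."""
    return action_for(client_ip, rules).startswith("allow")

if __name__ == "__main__":
    before = parse_acl(SAMPLE_CONF)
    # Add the OpenVPN tunnel network from the thread to the access list.
    after = parse_acl(SAMPLE_CONF + "    access-control: 10.101.101.0/24 allow\n")
    for label, rules in (("before", before), ("after", after)):
        print(label, "10.101.101.2 ->", action_for("10.101.101.2", rules))
```

The access list is only one of the checks raised above: the VPN client must also be pointed at an address the resolver listens on, and the OpenVPN firewall rules must pass DNS to it.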