DNS forwarder over IPSec VPN tunnel


  • Hi there.

    I'm running pfsense 1.2-release at home and have set up a VPN (IPSec) connection to my work network successfully. I can ping all hosts in the work network from my client. Now I'd like to use the hostnames at work to connect. I tested a dig from a client at home to the name server at work. That worked.
    I then created an entry called office.zz with the DNS server IP 172.30.129.10 in the DNS forwarder page as an entire domain forwarding. This doesn't seem to work. The logs tell me that for this domain the work DNS server will be used:

    dnsmasq[2993]: using nameserver 172.30.129.10#53 for domain office.zz

    but I cannot resolve any hostname in office.zz. When I log in to the shell of my pfsense I try to ping 172.30.129.10. This does not work, although from a client in my home LAN it works. Does anyone see a problem?

    My setup:
    Home network:  192.168.11.0/24
    pfsense LAN: 192.168.11.1/24
    pfsense WAN: DHCP (CableProvider)

    Office network: 172.30.129.0/24
    Office name server: 172.30.129.10

    VPN is up and running. I can connect, ping, rdp, ssh to all hosts in the office network but IP addresses only. No dns names.

    Regards,
    Marc


  • Have you set up a static route on your pfSense machine to your office's LAN?

    IIRC you have to do this with IPSec tunnels. Route it through the LAN interface of pfSense.


  • That's it. That solved the issue.
    Thank you very much.

    Regards,
    Marc

    @Bern:

    Have you set up a static route on your pfSense machine to your office's LAN?

    IIRC you have to do this with IPSec tunnels. Route it through the LAN interface of pfSense.
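
Why the static route helps, as an added sketch that is not part of the thread: a policy-based IPsec tunnel only carries packets whose source and destination fall inside its configured networks, and traffic generated on the firewall itself (dnsmasq queries, a ping from the shell) takes its source address from the egress interface. The WAN address and the client address 192.168.11.50 are constructed, and the routing model is deliberately simplified.

```python
import ipaddress as ip

# Tunnel networks from the thread: home LAN <-> office LAN.
POLICY = (ip.ip_network("192.168.11.0/24"), ip.ip_network("172.30.129.0/24"))

# LAN address is from the thread; the WAN address is constructed
# (the thread only says WAN is assigned by DHCP).
IFACE_ADDR = {"lan": ip.ip_address("192.168.11.1"),
              "wan": ip.ip_address("203.0.113.25")}

BASE_ROUTES = [(ip.ip_network("0.0.0.0/0"), "wan"),
               (ip.ip_network("192.168.11.0/24"), "lan")]
STATIC_ROUTE = (ip.ip_network("172.30.129.0/24"), "lan")  # the suggested fix


def egress_iface(dst, routes):
    """Longest-prefix match over a simplified routing table."""
    matches = [(net, ifc) for net, ifc in routes if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def fate(dst, routes, src=None):
    """Return (source address, verdict) for a packet to dst.

    src=None models traffic generated on the firewall itself, which is
    sourced from the address of the interface the route points at.
    """
    dst = ip.ip_address(dst)
    if src is None:
        src = IFACE_ADDR[egress_iface(dst, routes)]
    else:
        src = ip.ip_address(src)
    in_policy = src in POLICY[0] and dst in POLICY[1]
    return str(src), "tunnel" if in_policy else "no policy match"


if __name__ == "__main__":
    dns = "172.30.129.10"
    print("LAN client:         ", fate(dns, BASE_ROUTES, src="192.168.11.50"))
    print("firewall, no route: ", fate(dns, BASE_ROUTES))
    print("firewall, with route:", fate(dns, BASE_ROUTES + [STATIC_ROUTE]))
```

The second case matches the symptom in the first post: the query leaves with the WAN address as its source, so it never matches the tunnel's networks, while a LAN client's query does.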