DNS forwarder over IPSec VPN tunnel



  • Hi there.

    I'm running pfsense 1.2-release at home and have set up a VPN (IPSec) connection to my work network successfully. I can ping all hosts in the work network from my client. Now I'd like to use the hostnames at work to connect. I tested a dig from a client at home to the name server at work. That worked.
    I then created an entry called office.zz with the dns server ip 172.30.129.10 in the dns forwarder page as an entire domain forwarding. This doesn't seem to work. The logs tell me that for this domain the work dns server will be used:

    dnsmasq[2993]: using nameserver 172.30.129.10#53 for domain office.zz

    but I cannot resolve any hostname in office.zz. When I log in to the shell of my pfsense I try to ping 172.30.129.10. This does not work, although from a client in my home lan it works. Does anyone see a problem?

    My setup:
    Home network:  192.168.11.0/24
    pfsense LAN: 192.168.11.1/24
    pfsense WAN: DHCP (CableProvider)

    Office network: 172.30.129.0/24
    Office name server: 172.30.129.10

    VPN is up and running. I can connect, ping, rdp, ssh to all hosts in the office network but IP addresses only. No dns names.

    Regards,
    Marc



  • Have you set up a static route on your pfSense machine to your office's LAN?

    IIRC you have to do this with IPSec tunnels. Route it through the LAN interface of pfSense.



  • That's it. That solved the issue.
    Thank you very much.

    Regards,
    Marc

    @Bern:

    Have you set up a static route on your pfSense machine to your office's LAN?

    IIRC you have to do this with IPSec tunnels. Route it through the LAN interface of pfSense.
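
Why the static route fixes this, as an added sketch that is not part of the original thread or pfSense's own code: a policy-based IPsec tunnel only carries packets whose source and destination match its subnet pair, and a query sent by dnsmasq on the firewall itself leaves with the WAN address unless a route pins it to the LAN side. The WAN address and the LAN client address are constructed placeholders, and the routing and policy lookup is a simplified model.

```python
import ipaddress as ip

# Addresses from the thread. WAN_IP and CLIENT are constructed placeholders
# (the poster's WAN is DHCP and no client address is given).
LAN_IP = ip.ip_address("192.168.11.1")
WAN_IP = ip.ip_address("203.0.113.25")
CLIENT = ip.ip_address("192.168.11.50")
HOME = ip.ip_network("192.168.11.0/24")
OFFICE = ip.ip_network("172.30.129.0/24")
DNS = ip.ip_address("172.30.129.10")

# IPsec policy (phase 2 selectors): only HOME -> OFFICE traffic is tunnelled.
SPD = [(HOME, OFFICE)]

def route_lookup(table, dst):
    """Longest-prefix match; returns the address of the chosen interface,
    which becomes the source address of locally originated packets."""
    matches = [(net, src) for net, src in table if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def enters_tunnel(src, dst):
    """True if the packet matches an IPsec policy and is encapsulated."""
    return any(src in s and dst in d for s, d in SPD)

def firewall_query(table, dst=DNS):
    """Model a packet originated by the firewall itself (ping, dnsmasq)."""
    src = route_lookup(table, dst)
    return src, enters_tunnel(src, dst)

# Routing table before the fix: the office subnet falls under the default route.
DEFAULT_ONLY = [(ip.ip_network("0.0.0.0/0"), WAN_IP), (HOME, LAN_IP)]
# After the fix: static route for the office subnet via the LAN interface.
WITH_STATIC = DEFAULT_ONLY + [(OFFICE, LAN_IP)]

if __name__ == "__main__":
    print("LAN client    ->", enters_tunnel(CLIENT, DNS))
    print("default only  ->", firewall_query(DEFAULT_ONLY))
    print("static route  ->", firewall_query(WITH_STATIC))
```

This matches the symptoms in the first post: LAN clients reach 172.30.129.10, while the ping from the pfSense shell and the forwarded DNS queries do not until the static route is added.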

