Split tunnel/ Split DNS
-
Hi Everyone.
Newer pfSense user here.
I have read lots of posts and I am confusing myself...lol
I have a simple goal.
I have a main office with a server running Server 2019 Active Directory, a printer and a few file shares.
Main office:
192.168.99.0/24
Server01 is 192.168.99.20
mydomain.local
Connecting to it, a branch office using OVPN site to site. 192.168.95.0/24
At the branch office, I need the PCs to connect to Server01's DNS for Active Directory stuff, printer and file shares.
Both boxes are fresh installs with default settings.
My goal for branch office:
- Use server's DNS for domain stuff and 1.1.1.1 / 8.8.8.8 for everything else.
- Use OVPN tunnel for Active Directory, printer, file shares only. Go straight to internet for everything else.
- Accomplish this clean and straightforward.
To me it seems straightforward but wow, there's a 100 ways to do this, it seems...lol
Can't I accomplish this by checking or unchecking the correct settings and setting the correct DNS servers to push?
Thanks for your help and I'm new to pfSense so please be specific, not too proud for step by step...lol
- Use servers DNS for domain stuff and 1.1.1.1 / 8.8.8.8
-
@chuck1968
No, don't push a DNS server. You cannot push a DNS server for the local domain only. If the branch uses Server01 for DNS resolution it uses it for all requests.
You have to add a domain override for the local domain instead to only forward these certain requests to the main office.
In the branch OpenVPN settings enter 192.168.99.0/24 in the "Remote Networks".
On the main, presuming you are using a /30 tunnel network, enter 192.168.95.0/24 into the "Remote Networks" box.
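For reference, this is what the domain override described in the reply amounts to in Unbound (the engine behind the pfSense DNS Resolver), written as an added example rather than anything taken from the thread or generated by pfSense itself; the addresses come from the original post, and the `private-domain` line is an assumption about what the GUI adds when DNS rebinding protection is left at its default.

```conf
# Branch-office resolver: split DNS as described in the reply (example, not a pfSense-generated file).
# Only names under mydomain.local are sent over the site-to-site tunnel to Server01.
forward-zone:
    name: "mydomain.local"
    forward-addr: 192.168.99.20      # Server01 at the main office, reached via the OVPN tunnel

# Everything else goes straight out to the public resolvers the poster wanted,
# so the AD zone is never sent to 1.1.1.1 / 8.8.8.8 (no leakage of internal host names).
forward-zone:
    name: "."
    forward-addr: 1.1.1.1
    forward-addr: 8.8.8.8

# Caveat: Server01 answers with RFC1918 addresses (192.168.99.x). Unbound's rebinding
# protection (private-address) strips such answers from a forwarder unless the zone
# is explicitly allowed, which is what this line does. Assumed; verify in your own config.
server:
    private-domain: "mydomain.local"
```

A quick check from a branch PC is to resolve server01.mydomain.local against the branch pfSense LAN address (the resolver, not Server01 directly) and confirm the answer is 192.168.99.20 while a public name still resolves when the tunnel is down.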