Netgate Discussion Forum

Local hostnames are not resolved for clients from a network connected via IPsec site-to-site VPN tunnel

    mebert
    last edited by mebert Apr 28, 2023, 4:52 AM Apr 28, 2023, 4:51 AM

    I set up a DNS Resolver in the PFsense 2.6.0-RELEASE (amd64), which works great via OpenVPN or for clients directly connected in the network of the pfsense.

    I configured in the pfsense an IPsec site-to-site VPN to connect to a Ubiquiti UDM-PRO UniFi Dream Machine at a different location. All connections work from one network to the other. We can ping, SSH, NFS etc. between the networks. We also want to use the DNS resolver in the PFsense to resolve local hostnames like in the network attached directly to the pfsense. However, after adding the pfsense IP address as the DNS server to the DHCP on the Ubiquiti, public IP addresses can be resolved but none of the local hostnames can be resolved.

    How come the DNS resolver works great in the local network for public and local hostnames but over the IPsec tunnel it resolves only the public hostnames? I see from a computer in the network of the Ubiquiti via dig or nslookup that the pfsense server is indeed used as DNS but the local hostnames are simply not resolved.

    What I also tried is setting up a dedicated DNS server in the local network of the PFsense. However, the result is the same as with the DNS resolver in the PFsense. Only public hostnames are resolved.

    Let me know if you need more information on the configuration in the PFsense. It really puzzles me what is going on.

    Thanks

      viragomann @mebert
      last edited by Apr 29, 2023, 7:29 PM

      @mebert
      Consider that you have to state the remote domain if your client uses another search domain, which I assume.

      So if the remote host name you want to request is "host" and its domain is "local", you need to type "host.local" to access it.
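
The search-domain behaviour suggested in the reply above, as an added example that is not part of either post: it models how a stub resolver expands a short name using the `search` list and `ndots` from resolv.conf before sending the query. The domain `remote.example`, the host record, the addresses and all function names are constructed for illustration; `host` and `local` are taken from the reply.

```python
# Added example: models resolv.conf "search"/"ndots" expansion of short names.
# All domains, hosts and addresses below are constructed for illustration.

def parse_resolv_conf(text):
    """Return (search_list, ndots) from resolv.conf-style text."""
    search, ndots = [], 1  # ndots defaults to 1
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        if fields[0] in ("search", "domain"):
            search = [d.rstrip(".").lower() for d in fields[1:]]
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidates(name, search, ndots=1):
    """Names a stub resolver would query, in order."""
    if name.endswith("."):  # trailing dot: absolute name, no search list
        return [name.rstrip(".").lower()]
    name = name.lower()
    expanded = [f"{name}.{d}" for d in search]
    if name.count(".") >= ndots:  # enough dots: try the name as typed first
        return [name] + expanded
    return expanded + [name]  # short name: search list first

def resolve(name, resolv_conf, zone):
    """Return (matched_fqdn, address, names_tried) against a local zone dict."""
    search, ndots = parse_resolv_conf(resolv_conf)
    tried = candidates(name, search, ndots)
    for fqdn in tried:
        if fqdn in zone:
            return fqdn, zone[fqdn], tried
    return None, None, tried

# Constructed data: one local record known to the resolver on the pfSense side.
PFSENSE_ZONE = {"host.local": "192.168.1.20"}
LOCAL_CLIENT = "nameserver 192.168.1.1\nsearch local\n"            # pfSense LAN
REMOTE_CLIENT = "nameserver 192.168.1.1\nsearch remote.example\n"  # behind IPsec

if __name__ == "__main__":
    for label, conf in (("pfSense LAN", LOCAL_CLIENT), ("IPsec remote", REMOTE_CLIENT)):
        for q in ("host", "host.local"):
            print(f"{label:13} {q:11} ->", resolve(q, conf, PFSENSE_ZONE))
```

On a real client, the names actually sent can be confirmed by watching the queries arrive at the resolver while running the lookup with and without the domain appended.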
