DNS won't resolve on VPN subnet, 2.2, BIND=>Unbound

  • I have a LAN subnet ( with a DNS forwarder resolving local and remote requests incoming via VPN subnet (

    Obviously, I have "DNS Rebind Check" unchecked and the following firewall rule on the OpenVPN tab:

    Everything works for remote DNS requests coming from remote system private subnets.

    Now I disabled DNS forwarder and enabled DNS resolver:

    Leaving the rest of the options in the same state. DNS is not resolved for the external (VPN) net anymore.

    That's what I get sniffing on the VPN net when I do a DNS query:

    09:58:25.160703 IP > 54039+ A? router.vetals. (31)
    09:58:25.160738 IP > 54039+ A? router.vetals. (31)
    09:58:25.255471 IP > 54039 Refused- [0q] 0/0/0 (12)
    09:58:25.255494 IP > 54039 Refused- [0q] 0/0/0 (12)

    Any ideas, what else must be tuned to go with Unbound?

  • Add the VPN subnet to the DNS Resolver ACLs.

  • That worked like a charm!

    Thanks a lot!
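
The fix in this thread follows from how Unbound evaluates `access-control:` entries: the most specific matching netblock decides, and a client that matches no entry is refused unless it is localhost, which is the `Refused` answer seen in the capture. The sketch below is an added example, not code from the thread or from pfSense; it models that lookup, and the config fragment and both subnets (192.168.1.0/24 for LAN, 10.8.0.0/24 for VPN) are constructed placeholders because the poster's subnets are not shown on the page.

```python
import ipaddress

# Constructed unbound.conf fragment; subnets are placeholders, not the poster's.
SAMPLE_CONF = """
server:
    interface: 0.0.0.0
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow   # LAN (placeholder)
"""
VPN_ACL_LINE = "    access-control: 10.8.0.0/24 allow   # VPN (placeholder)\n"


def parse_acls(conf_text):
    """Return [(network, action)] for every access-control: line."""
    acls = []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line.startswith("access-control:"):
            continue
        parts = line.split()
        if len(parts) != 3:
            continue  # malformed entry, skip it
        acls.append((ipaddress.ip_network(parts[1], strict=False), parts[2]))
    return acls


def acl_action(acls, client_ip):
    """Action applied to a client: most specific matching netblock wins.
    With no match, localhost is allowed and everything else is refused."""
    addr = ipaddress.ip_address(client_ip)
    matches = [(net, act) for net, act in acls
               if net.version == addr.version and addr in net]
    if not matches:
        return "allow" if addr.is_loopback else "refuse"
    return max(matches, key=lambda m: m[0].prefixlen)[1]


if __name__ == "__main__":
    vpn_client = "10.8.0.6"  # constructed VPN client address
    before = parse_acls(SAMPLE_CONF)
    after = parse_acls(SAMPLE_CONF + VPN_ACL_LINE)
    print("without VPN ACL:", acl_action(before, vpn_client))
    print("with VPN ACL:   ", acl_action(after, vpn_client))
```

Running the same check against the resolver's generated configuration for each remote subnet shows which clients will get REFUSED before any traffic is captured.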