    DNS won't resolve on VPN subnet, 2.2, BIND=>Unbound

      Vetal

      I have a LAN subnet (192.168.5.0/24) with a DNS forwarder resolving local and remote requests incoming via the VPN subnet (10.2.0.0/24).

      Obviously, I have "DNS Rebind Check" unchecked and the following firewall rule on the OpenVPN tab:

      Everything works for remote DNS requests coming from remote system private subnets.

      Now I disabled the DNS forwarder and enabled the DNS resolver:

      Leaving the rest of the options in the same state. DNS is not resolved for the external (VPN) net anymore.

      That's what I get sniffing on the VPN net when I do a DNS query:

      09:58:25.160703 IP 10.2.0.2.37380 > 192.168.5.1.domain: 54039+ A? router.vetals. (31)
      09:58:25.160738 IP 10.2.0.2.37380 > 192.168.5.1.domain: 54039+ A? router.vetals. (31)
      09:58:25.255471 IP 192.168.5.1.domain > 10.2.0.2.37380: 54039 Refused- [0q] 0/0/0 (12)
      09:58:25.255494 IP 192.168.5.1.domain > 10.2.0.2.37380: 54039 Refused- [0q] 0/0/0 (12)

      Any ideas what else must be tuned to go with Unbound?

        doktornotor Banned

        Add the VPN subnet to the DNS Resolver ACLs.

          Vetal

          That worked like a charm!

          Thanks a lot!
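
Why the ACL answer in this thread fixes the `Refused` replies, as an added example (not part of the original posts and not pfSense or Unbound code): Unbound's access control refuses any client whose source address matches no allowed netblock, and the most specific matching netblock wins. The ACL lists below are assumptions modeled on the thread's subnets, and the capture is constructed from the lines in the first post.

```python
import ipaddress
import re

# Constructed from the tcpdump lines in the first post (duplicates dropped).
CAPTURE = """\
09:58:25.160703 IP 10.2.0.2.37380 > 192.168.5.1.domain: 54039+ A? router.vetals. (31)
09:58:25.255471 IP 192.168.5.1.domain > 10.2.0.2.37380: 54039 Refused- [0q] 0/0/0 (12)
"""

# Assumed resolver ACLs: before the fix only localhost and the LAN are allowed;
# after the fix the VPN subnet is added, scoped to that subnet only.
ACL_BEFORE = [("127.0.0.0/8", "allow"), ("192.168.5.0/24", "allow")]
ACL_AFTER = ACL_BEFORE + [("10.2.0.0/24", "allow")]

# A DNS response (source port "domain") carrying rcode Refused.
REFUSED = re.compile(r"IP \S+\.domain > (\d+\.\d+\.\d+\.\d+)\.\d+: \d+ Refused")


def acl_action(client, acl, default="refuse"):
    """Return the action of the most specific netblock containing client.

    Clients matching no entry get `default`, mirroring a resolver that
    refuses every source it was not told to serve.
    """
    addr = ipaddress.ip_address(client)
    best = None
    for cidr, action in acl:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, action)
    return best[1] if best else default


def refused_clients(capture):
    """Client addresses that received a Refused reply in the capture."""
    return sorted({m.group(1) for m in REFUSED.finditer(capture)})


def explain(capture, acl):
    """Map each refused client to the action the given ACL assigns it."""
    return {client: acl_action(client, acl) for client in refused_clients(capture)}


if __name__ == "__main__":
    print("before fix:", explain(CAPTURE, ACL_BEFORE))
    print("after fix: ", explain(CAPTURE, ACL_AFTER))
```

Allowing only 10.2.0.0/24, rather than a wider range, keeps the resolver from answering sources outside the LAN and the VPN.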
