Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problems with DNS resolution across VPN

    Scheduled Pinned Locked Moved
    IPsec
    1
    1
    887
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shreek
      last edited by

      I've got 2 VPNs setup on my pfSense.  One is an OpenVPN on 10.10.100.0/24, the other is an IKEv2 Mobile Clients network on 10.10.69.0/24.  My LAN is 10.10.42.0/24.

      I have a DNS resolver running on the pfSense box (10.10.42.1/10.10.100.1) and a DNS server running bind9 on a machine on the lan (10.10.42.6).

      From both VPNs I can successfully perform DNS resolution using the bind9 (non-pfsense) box.  nslookup myserver.mydomain 10.10.42.6 works flawlessly.

      From both VPNs I cannot perform DNS using the pfsense box (10.10.42.1).
      I'm using OpenVPN on my linux boxes, and calling nslookup using the lan IP (10.10.42.1) results in "reply from unexpected source: 10.10.100.1", calling nslookup using the vpn IP (10.10.100.1)  works.  The latter is a fine solution and I can configure my DNS to push the pfsense's VPN IP, but the former makes me worried that I have misconfigured something.
      I'm using IKEv2 on my windows clients so I can use the built-in VPN client.  nslookup on 10.10.42.1 (or 10.10.100.1) results in a timeout.  Like I mentioned above, 10.10.42.6 works great.  I don't believe this is a firewall issue since I'm able to access other services on the pfsense box from the IKEv2 clients.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.