Blocking remote office DNS

  • Hello,

    We've been blocking DNS from our main office so that only DNS requests from our domain controllers can do lookups, which are filtered through OpenDNS.

    What I need to do now is block DNS from our remote office so the DCs at the remote office can only do lookups over the OpenVPN to the main office.


    Remote office 1 DC IP is and it needs to be able to do DNS lookups over the VPN to

    Block any other DNS lookups.

    Attached is what I have set for head office and it works perfectly.

  • LAYER 8 Netgate

    On remote office LAN

    Pass TCP/UDP port any source port any dest port 53
    Reject TCP/UDP port any source LAN net port any dest any port 53
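
The two rules in the reply above, written out in pf.conf syntax as an added example (this is not from the thread or from Netgate; pfSense generates the equivalent from the GUI rules). Every interface name and address below is a placeholder I have assumed for illustration, not the poster's real values:

```pf
# Added example: pf.conf-style rendering of the two LAN rules suggested in the reply.
# All macro values are assumed placeholders; replace them with the real addresses.
remote_lan = "igb1"                          # remote-office LAN interface (assumed)
remote_dc  = "10.20.0.10"                    # remote-office domain controller (assumed)
hq_dns     = "{ 10.10.0.10, 10.10.0.11 }"    # main-office DCs reachable over the OpenVPN tunnel (assumed)

# Rule 1 (Pass): only the remote DC may talk to the main-office DCs on port 53.
# Both TCP and UDP are allowed: TCP is used when an answer is too large for UDP
# (and for zone transfers), so a UDP-only rule would cause intermittent failures.
pass in quick on $remote_lan inet proto { tcp udp } from $remote_dc to $hq_dns port 53

# Rule 2 (Reject): every other port-53 request from the LAN is refused.
# "Reject" in the pfSense GUI maps to "block return", so clients get an immediate
# RST / ICMP unreachable instead of hanging until their resolver times out.
# Rule order matters: pfSense evaluates interface rules top-down, first match wins,
# so the pass rule must sit above this one in the LAN tab.
block return in quick on $remote_lan inet proto { tcp udp } from $remote_lan:network to any port 53
```

To check the result, run a lookup from a LAN client against an outside resolver (for example `dig @1.1.1.1 example.com`); with the reject rule in place it should fail immediately rather than time out, while the same lookup from the DC against the main-office DCs should still answer. Two caveats the rules cannot cover: they only match the OpenVPN path if the tunnel routes the main-office DNS addresses, and port-53 filtering says nothing about DNS over TLS (853) or DNS over HTTPS (443), which a separate rule or policy would have to address.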

