Bug #2996 (closed)
DNS forwarder & Domain Overrides does not work thru ipsec tunnels
Status: Rejected
Priority: Normal
Assignee: -
Category: DNS Forwarder
Target version: -
Start date: 05/16/2013
% Done: 0%
Description
Effect similar to #1352 but with IPsec:
2 networks
- .net1.lan [192.168.1.0/24]
- .net2.lan [192.168.2.0/24]
are connected through IPsec with pfSense (2.0.3) on both sides.
Both firewalls pass all packets on IPsec. "Normal" traffic works as expected from both sides except DNS.
To be able to resolve server names on the other side, we defined "Domain Overrides" on "DNS forwarder" with the IP of the LAN device on the other side:
On net1 we defined domain overrides:
net2.lan: 192.168.2.1
Explicit DNS lookups from LAN work as expected, like from net1 LAN:
nslookup host1.net2.lan 192.168.2.1
brings the expected result. When using the local DNS, pfSense returns timeouts:
nslookup host1.net2.lan 192.168.1.1
;; connection timed out; no servers could be reached
Same effect when using "Diagnostics/DNS Lookups" on pfsense1 in the web UI and querying host1.net2.lan