Reverse traffic problem

Started by labsy, December 29, 2017, 12:14:55 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 29, 2017, 12:14:55 AM
Hi,

does anybody have a clue about my specific problem.
It's about DNS (or any other traffic), where packets origin from within LAN, then go to WAN adapter and return back into LAN for destination - it seems those are rejected.

For example, I have 3 DNS servers:
- DNS 1 is on LAN, behind OpnSense
- DNS 2 is on LAN, behind OpnSense
- DNS 3 is on different WAN subnet
I have ALL DNS servers configured to sync to each other PUBLIC WAN IP address.
- Syncing inbetween DNS1 or DNS2 and DNS3 (and vice versa) is OK.
- But between DNS1 and DNS2 does not happen. I must configure manually DNS1 and DNS2 to sync using LAN IP addresses, not WAN...then sync is OK.

I guess OPNSense blocks the DNS traffic on port 53, if it originates from LAN and is setined via WAN back to LAN.

Any idea, what rule must I add to allow such traffic? (for DNS 53 port only)
Print
Go Up Pages1
User actions