Hello all,
I'm running OPNsense 23.7.3-amd64 and have hit a bit of a snag with my WireGuard and DNS configuration.
I have configured a wildcard DNS Override in Unbound for my homelab domain (Let us say *.homelab.com).
My WireGuard configuration is set to use the endpoint at vpn.homelab.com.
When I enable the WireGuard VPN while still connected to my home network, vpn.homelab.com resolves to the internal IP address due to the override. However, when I move my device to another network, WireGuard retains the old internal IP address due to its default behavior of only initially resolving the domain name.
Is there a way to exclude vpn.homelab.com from the wildcard DNS override, while still maintaining the wildcard DNS override for every other subdomain under *.homelab.com?
vpn.homelab.com resolves to my external IP address using an external resolver like Cloudflare.
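As an added illustration (not part of the original post or of OPNsense's generated configuration), this Unbound fragment shows the carve-out being asked about. Unbound always applies the most specific matching local-zone, so a zone declared for vpn.homelab.com itself takes precedence over the redirect zone for homelab.com; declaring it `transparent` with no local data beneath it means that one name is resolved normally upstream while every other name under homelab.com still hits the wildcard. The wildcard being expressed as `local-zone: ... redirect` plus a `local-data` record is an assumption about how the OPNsense override is rendered, and 10.0.0.10 is a made-up internal address.

```conf
# Added example, not from the original post. Assumed values:
#   homelab.com  - the placeholder domain used in the thread
#   10.0.0.10    - hypothetical internal host the wildcard should point at
server:
    # Wildcard override: the apex and every name beneath it answer with the LAN address.
    local-zone: "homelab.com." redirect
    local-data: "homelab.com. 3600 IN A 10.0.0.10"

    # Exception: a more specific local-zone wins over its parent zone.
    # "transparent" with no local-data under it means the query falls through
    # to normal recursion (or the configured forwarders), so vpn.homelab.com
    # returns the public record instead of 10.0.0.10.
    local-zone: "vpn.homelab.com." transparent
```

After adding it, `unbound-checkconf` validates the syntax, and querying the firewall directly (`drill vpn.homelab.com @<firewall-ip>` and `drill anything.homelab.com @<firewall-ip>`) confirms that only the carved-out name gets the external address. One consequence to plan for: once vpn.homelab.com resolves to the WAN address from inside the LAN too, a client on the home network will be connecting to the firewall's public side, which only works if NAT reflection (hairpin NAT) is enabled for the WireGuard port forward.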
BTW, example.com is the official domain for examples. :)
I've seen some people use vpn.example.com for external access and something like *.internal.example.com for internal access.
Depending on your goals, you can also use port forwarding to resolve things internally and externally the same. That's what I do in order to access my DMZ server via domain regardless of whether I'm inside or outside the network.