OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: labsy on December 29, 2017, 12:14:55 am

Title: Reverse traffic problem
Post by: labsy on December 29, 2017, 12:14:55 am
Hi,

Does anybody have a clue about my specific problem?
It's about DNS (or any other traffic) where packets originate from within the LAN, go to the WAN adapter and return back into the LAN for their destination - it seems those are rejected.

For example, I have 3 DNS servers:
- DNS 1 is on LAN, behind OpnSense
- DNS 2 is on LAN, behind OpnSense
- DNS 3 is on different WAN subnet
I have ALL DNS servers configured to sync to each other's PUBLIC WAN IP address.
- Syncing between DNS1 or DNS2 and DNS3 (and vice versa) is OK.
- But between DNS1 and DNS2 it does not happen. I must manually configure DNS1 and DNS2 to sync using LAN IP addresses, not WAN... then sync is OK.

I guess OPNsense blocks the DNS traffic on port 53 if it originates from LAN and is destined via WAN back to LAN.

Any idea what rule I must add to allow such traffic? (for DNS port 53 only)
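The traffic pattern described in the post (a LAN host sending to the firewall's public IP, expecting to reach another LAN host) is what pf calls NAT reflection, or hairpin NAT. The ruleset below is an added illustration written for this thread, not the poster's configuration and not the ruleset OPNsense generates; interface names, addresses and the single DNS target are assumptions chosen for the example. It shows why a plain port forward alone does not serve LAN clients and which two extra translation rules make the reflected flow work.

```pf
# Added example, not from the forum post or from OPNsense's generated rules.
# Assumed (hypothetical) names and addresses:
#   em0 = WAN interface, em1 = LAN interface
#   203.0.113.10  = public WAN IP of the firewall
#   192.168.1.0/24 = LAN, 192.168.1.53 = DNS1 (the port-forward target)
wan_if  = "em0"
lan_if  = "em1"
wan_ip  = "203.0.113.10"
lan_net = "192.168.1.0/24"
dns1    = "192.168.1.53"

# 1. Plain port forward. It only matches packets that ENTER on the WAN
#    interface. A LAN host sending to 203.0.113.10:53 enters on em1, so this
#    rule never fires for it and the packet is treated as addressed to the
#    firewall itself (and rejected, since nothing listens there).
rdr on $wan_if inet proto { tcp udp } from any to $wan_ip port 53 -> $dns1 port 53

# 2. Reflection: repeat the redirect for packets entering on LAN whose
#    destination is the public IP, so they are steered to DNS1 as well.
rdr on $lan_if inet proto { tcp udp } from $lan_net to $wan_ip port 53 -> $dns1 port 53

# 3. Hairpin source NAT. After (2) the packet goes out on em1 towards DNS1
#    still carrying the client's LAN source address. DNS1 would then answer
#    the client directly on the LAN, and the client, which sent to
#    203.0.113.10, discards a reply coming from 192.168.1.53. Rewriting the
#    source to the firewall's own LAN address forces the answer back through
#    the firewall, where pf's state entry undoes both translations.
nat on $lan_if inet proto { tcp udp } from $lan_net to $dns1 port 53 -> ($lan_if)

# 4. Translation runs before filtering, so the filter rule must allow the
#    post-rdr destination (DNS1), not the public IP.
pass in quick on $lan_if inet proto { tcp udp } from $lan_net to $dns1 port 53 keep state
```

Two caveats a practitioner would check before applying this. First, one public address can forward port 53 to only one internal host, so if DNS1 and DNS2 share the same WAN IP, at most one of them is reachable at that IP on port 53 from anywhere; the other direction of the sync cannot work through the public address no matter which rules are added, which is why the LAN-address (or split-horizon DNS) configuration the poster fell back to is the usual answer. Second, OPNsense exposes reflection for port forwards as a setting under Firewall: Settings: Advanced rather than expecting hand-written pf; the rules it generates serve the same purpose as (2) and (3) above but differ in detail, and they still depend on a matching port forward for port 53 existing in the first place.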