OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: Kapman on March 24, 2018, 11:00:48 pm

Title: [Solved] DMZ trouble with DNS
Post by: Kapman on March 24, 2018, 11:00:48 pm
Hello,
I have an Ubuntu server on a DMZ I just configured that cannot resolve domain names.

I'm currently running version 18.1.5.
I have the interface enabled and set up with a static IP.
Unbound DNS is being used with the setting "Network Interfaces" set to "All".

There is a single Ubuntu server installed on the DMZ. I can ping it from the LAN & OPNsense.
The Ubuntu server is set with the correct DNS server (the OPNsense server).
The Ubuntu server cannot resolve domain names. From the Ubuntu server, I cannot ping the OPNsense machine where Unbound DNS is running.

Any ideas about what I'm doing incorrectly here?

Thanks in advance!
Title: Re: DMZ trouble with DNS
Post by: bitman on March 24, 2018, 11:54:39 pm
Do you have any allow firewall rules on that DMZ network?
Title: Re: DMZ trouble with DNS
Post by: Kapman on March 25, 2018, 12:32:33 am
I have Unbound DNS set with "Network Interfaces" set to "All". I assumed that implied the DNS server (OPNsense) should be available on the network.
The DNS server is 192.168.2.1 and the Ubuntu server is 192.168.2.100 in this case. I'm pinging from 192.168.2.100 to 192.168.2.1. The reverse works.
I don't think I need a rule for that, do I?
Title: Re: DMZ trouble with DNS
Post by: Kapman on March 25, 2018, 06:08:59 pm
Turns out adding a rule is the correct solution!
This is fixed.

Thanks Bitman!
Title: Re: DMZ trouble with DNS
Post by: Kapman on March 25, 2018, 08:25:35 pm
Hello everyone,
Adding a screen capture of the rules I set up in my DMZ to help others out and just in case some other folks notice this can be improved.
Title: Re: DMZ trouble with DNS
Post by: elektroinside on March 26, 2018, 07:31:05 am
Thanks for your feedback, appreciated.
Also, you can prepend [Solved] to the title if you feel you no longer have related issues.
Thanks again.