Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
[SOLVED] UnboundDNS needs to talk to an DNS Server behind an IPSec VPN
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] UnboundDNS needs to talk to an DNS Server behind an IPSec VPN (Read 1002 times)
cherzberg
Newbie
Posts: 3
Karma: 0
[SOLVED] UnboundDNS needs to talk to an DNS Server behind an IPSec VPN
«
on:
May 06, 2022, 06:50:31 pm »
HI all,
I have setup an IPSec VPN which works fine for all clients within the LAN netzwerk.
The OPNSense itself can not access the network behind the VPN but it need to.
The Unbound DNS server needs to talk to an DNS server behind the VPN because this is the DNS server for the privat domain.
OPNSense LAN (192.168.2.0/24) <---VPN----> Remote network (192.168.192.0/24) (DNS Server 192.168.192.20)
At the Unbound DNS Server I have configured for domain qqqqqq.local to use DNS Server 192.168.192.20.
How can I configure that unbound can access my remote network? I guess that opensense uses the WAN ip address as source ip but this can not work.
Any suggestion is welcome.
Thanks
Christian
«
Last Edit: May 09, 2022, 08:27:43 am by cherzberg
»
Logged
zerwes
Full Member
Posts: 125
Karma: 8
Re: UnboundDNS needs to talk to an DNS Server behind an IPSec VPN
«
Reply #1 on:
May 07, 2022, 05:21:26 am »
Services: Unbound DNS: General:Outgoing Network Interfaces
The IP of the iface configured here will be set as a SRC on requests made by onbound.
If this IP is the right one to pass your VPN, this should work (I have several setups using this, as we have several branch offices with a own dns zone, but many other zones need to be resolved via the DNS hosted at the headquarter .. and the way there is through the VPN) Set this to LAN and it should work.
Do not forget to configure the domain overide for qqqqqq.local -> 192.168.192.20
And I would recommend you setting Services: Unbound DNS: Advanced:Serve expired responses (in case your VPN is down)
Logged
cherzberg
Newbie
Posts: 3
Karma: 0
Re: UnboundDNS needs to talk to an DNS Server behind an IPSec VPN
«
Reply #2 on:
May 09, 2022, 08:26:50 am »
Hi zerwes,
that was the point. Thanks a lot!
Cheers
Christian
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
[SOLVED] UnboundDNS needs to talk to an DNS Server behind an IPSec VPN