[Solved] DMZ trouble with DNS

Started by Kapman, March 24, 2018, 11:00:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 24, 2018, 11:00:48 PM Last Edit: March 27, 2018, 04:05:00 AM by Kapman
Hello,
I have a Ubuntu server on an DMZ I just configured that cannot resolve domain names.

I'm currently running version 18.1.5.
I have the interface enabled and setup with a static ip.
Unbound DNS is being used with the setting "Network Interfaces" set to "All".

There is a single Ubuntu server installed on the DMZ.  I can ping it from the LAN & OpnSense.
The Ubuntu server is set with the correct DNS server (the opnsense server).
The Ubuntu server cannot resolve domain names.  From the Ubuntu server, I cannot ping the OpnSense machine where Unbound DNS is running.

Any ideas about what I'm doing incorrectly here?

Thanks in advance!
March 24, 2018, 11:54:39 PM #1
do you have any allow firewall rules on that DMZ network?
March 25, 2018, 12:32:33 AM #2
I have Unbound DNS set with "Network Interfaces" set to "All".  I assumed that implied the DNS server (opnsense) should be available on the network.
The DNS server is 192.168.2.1 and the Ubuntu server is 192.168.2.100 in this case.  I'm pinging from 192.168.2.100 to 192.168.2.1.  The reverse works.
I don't think I need a rule for that, do I? 
March 25, 2018, 06:08:59 PM #3
Turns out adding a rule is the correct solution!
This is fixed.

Thanks Bitman!
March 25, 2018, 08:25:35 PM #4
Hello everyone,
Adding a screen capture of the rules I setup in my DMZ to help others out and just in case some other folks notice this can be improved.
March 26, 2018, 07:31:05 AM #5
Thanks for your feedback, appreciated.
Also, you can prepend [Solved] to the title if you feel you no longer have related issues.
Thanks again.
OPNsense v18 | HW: Gigabyte Z370N-WIFI, i3-8100, 8GB RAM, 60GB SSD, | Controllers: 82575GB-quad, 82574, I221, I219-V | PPPoE: RDS Romania | Down: 980Mbit/s | Up: 500Mbit/s

Team Rebellion Member
Print
Go Up Pages1
User actions