Guest VLAN can't resolve DNS (I'm using Unbound for all my interfaces)

warheat1990 · December 31, 2021, 11:13:14 AM

Hello friend,

I'm using Unbound DNS for all interfaces in my network.

I have a Guest network (VLAN100), I block this Guest network from accessing other network (RFC1918) in the Firewall rules.

Unfortunately, that means the clients under Guest VLAN won't be able to resolve DNS. How do I block Guest VLAN from accessing private network (RF1918) but still allow the clients under Guest VLAN to resolve the DNS?

KHE · December 31, 2021, 11:52:53 AM

Hi

simply but a rule on top of the block rule to allow the traffic from the Guest net to the Guest address with port 53 (DNS) and IPv4 UDP or IPv4 TCP/UDP.

KH

warheat1990 · December 31, 2021, 01:07:26 PM

Quote from: KHE on December 31, 2021, 11:52:53 AM
Hi

simply but a rule on top of the block rule to allow the traffic from the Guest net to the Guest address with port 53 (DNS) and IPv4 UDP or IPv4 TCP/UDP.

KH

Thanks, works perfectly

Guest VLAN can't resolve DNS (I'm using Unbound for all my interfaces)

warheat1990

December 31, 2021, 11:13:14 AM

KHE

December 31, 2021, 11:52:53 AM #1

warheat1990

December 31, 2021, 01:07:26 PM #2