Internal name resolution for LDAPS

[Durere]

Hi

I have an opensense configured with the following DNS servers 1.1.1.1 and 8.8.8.8
Setting up 192.168.x.y as the DNS is not a good option, I prefer to use something external.

Can someone please let me know how can I set a hostname entry (similar to /etc/hosts) so i can map internal server dc1.domain.com to internal ip 192.168.x.y so i can use LDAPS authentication on 636 instead of clear text 389 LDAP?

Thank you

[Monviech (Cedrik)]

One way to do it:

- Enable Unbound DNS in Services: Unbound DNS: General and Apply, dont change anything else here. Listening interfaces have to be "all".
- Goto Services: Unbound DNS: Query Forwarding and input the forwarding IP Addresses, in your case 1.1.1.1 and 8.8.8.8. Make sure that "Use System Nameservers" is unchecked.
- Add 127.0.0.1 as nameserver for the firewall in System: Settings: General
- Add your own DNS entries into Services: Unbound DNS: Overrides: Host Overrides
- Test it in Interfaces: Diagnostics: DNS Lookup

[CJ]

You don't need to add 127.0.0.1 in System->Settings->General.  Just make sure that "Do not use local DNS" is unchecked.

If you're going to use Cloudflare and Google you should add both of their IPs to your config in order to take advantage of them all.