> Hi Christoph et al
> Firstly thank you for your response.
> 1. Services -> DNS forwarder -> enable
> Confirmed. Also ticked "Register DHCP leases in DNS forwarder" which I presume is required.
> 2. after: "You may enter records that override the results from the forwarders below."
> add the internal IPs with the used FQNs
> What are FQN's? I have added a couple of domain names and the LAN IP which the server is on.
domain names entered in the format
> domainname.com without the prepended www.
pardon, FQDN see http://en.wikipedia.org/wiki/FQDN .
add for example www.name1.com, www.name2.com etc. If you have virtual
domains you have to add them all.
> 3. create a rule "allow DNS from inside to internal IP of the M0n0
> I have created a LAN firewall rule from Any LAN, port 80 to the LAN IP of monowall (also tried LAN
IP of the server)
I need this rule, because i deny every access to the internal ip of the
firewall except icmp for all and https from the admin PC. So if you use
the m0n0wall for DNS you have to allow this with an explicit rule.
If you don't have created such rules you don't need the allow DNS rule.
> 4. force the internal Clients to use the internal IP of the M0n0 as primary DNS
> I am not sure how to do this. Monowall is serving DHCP addresses to the LAN, my understanding
that includes Monowall as the gateway
> and the DNS server?
OK, if you use M0n0 as DHCP its done automatic
> I'd be most grateful of further assistance.
> Kind regards
> David Hingston
"let's make the backup tomorrow"