 From:  Mat Murdock <mmurdock underscore lists at kimballequipment dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Setting Authoritative DNS Server to Server across VPN
 Date:  Tue, 18 Apr 2006 22:34:36 -0600
I have two m0n0walls set up with a vpn connecting the two.  This is 
up and running just fine.  What I would like to do, using DNS forwarder, 
is set the authoritative DNS server for a specific domain.  This DNS 
server would be a machine that is on the other side of the VPN Tunnel.  
What I think is happening is that m0n0wall cannot access the server 
because it can't reach that server because it doesn't know how to route 
that DNS request through the vpn.  However from a client connected to 
that very m0n0wall I can ping the server just fine.  In other words I 
think it's sending the request directly out of the WAN port and not 
through the LAN port which would then direct it over the vpn tunnel.

   What I am trying to do is have a few of my clients connect to my 
windows domain on the other side of the tunnel.  What I have done in the 
past is set the primary dns server on the workstations to the domain dns 
server on the other side of the tunnel.  That works, but if the tunnel 
goes down then they cannot browse the internet because all of the dns 
queries cannot reach the dns server on the other side.  I could set 
the secondary dns server on the workstations, but I have seen windows 
jump to the secondary dns server too quickly sometimes and that also 
causes problems.  So if I could just tell m0n0wall to send all domain 
related queries to the domain dns server and use my ISP's dns server for 
everything else I could have my cake and eat it too.  I hope this makes 
sense.  If anyone has another suggestion on how I should do this, 
kindly let me know.


Mat Murdock
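
Added example, not part of the original post and not m0n0wall's code: a small model of the split-DNS forwarding the poster wants and of the path he suspects the firewall's own queries take. It assumes a policy-based tunnel that only carries packets whose source is in the local LAN subnet and whose destination is in the remote LAN subnet; all addresses, the domain `corp.example` and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the post).
LOCAL_LAN = ipaddress.ip_network("192.168.1.0/24")
REMOTE_LAN = ipaddress.ip_network("192.168.2.0/24")
FW_LAN_IP = ipaddress.ip_address("192.168.1.1")
FW_WAN_IP = ipaddress.ip_address("203.0.113.10")
DOMAIN_DNS = ipaddress.ip_address("192.168.2.10")   # across the tunnel
ISP_DNS = ipaddress.ip_address("198.51.100.53")
OVERRIDES = {"corp.example": DOMAIN_DNS}            # per-domain upstream


def pick_upstream(qname):
    """Split DNS: longest matching override suffix wins, else the ISP resolver."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in OVERRIDES:
            return OVERRIDES[suffix]
    return ISP_DNS


def enters_tunnel(src, dst):
    """Assumed tunnel policy: source AND destination must both match."""
    return src in LOCAL_LAN and dst in REMOTE_LAN


def trace(qname, src):
    """Return (upstream, path) for a query the forwarder sends from `src`."""
    upstream = pick_upstream(qname)
    if enters_tunnel(src, upstream):
        return upstream, "tunnel"
    if upstream in REMOTE_LAN:
        # Private destination, but the packet misses the tunnel policy.
        return upstream, "wan-unreachable"
    return upstream, "wan"


if __name__ == "__main__":
    for qname, src in [
        ("dc1.corp.example", FW_WAN_IP),   # forwarder sourcing from WAN
        ("dc1.corp.example", FW_LAN_IP),   # same query sourced from LAN IP
        ("www.example.org", FW_WAN_IP),    # everything else goes to the ISP
    ]:
        print(qname, src, *trace(qname, src))
```

In this model a LAN client reaches the remote server because its source address matches the tunnel policy, while the same destination queried from the WAN address does not.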