 From:  "Chris Buechler" <cbuechler at gmail dot com>
 To:  "Tim Vaughan" <talltim at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DNS forwarder using Active Directory
 Date:  Tue, 20 Feb 2007 13:59:54 -0500
On 2/20/07, Tim Vaughan <talltim at gmail dot com> wrote:
> Hi,
>
> I work in an office that has two networks behind a m0n0wall.  One is
> run by my colleague who only tolerates Windows servers - the other is
> mine.
>
> I'm using m0n0wall as a DNS forwarder on the LAN interface
> (192.168.123.xxx) and it has a .tim domain.
> The other network is on OPT1 (192.168.2.xxx) and has a Windows SBS
> machine running Active Directory, DHCP etc - m0n0wall is just a
> gateway.  It has a .fluid.local domain.
>
> I want m0n0wall to forward DNS requests for xxx.fluid.local to the SBS
> machine which is at 192.168.2.111.  I've set it up as I thought was
> right, in a way which worked when I had a VPN between two m0n0walls
> but it's not working.  dig @192.168.2.111 commands work ok on a machine
> on my network so I don't understand why the m0n0 doesn't forward the
> DNS requests.
>

I'm guessing the authoritative DNS server for the domain you've set up
is across an IPsec connection. If that's the case, the fix is the
same as the SNMP over VPN fix (see FAQ).

-Chris