DNS: How to set up a private Domain Zone Forwarder
Freshman Member
To resolve local DNS entries, I set up Domain Zone Forwarders (System|DNS) for the locally resolved domains.
Up to the classic USG Flex Series I was able to chose to set up "private servers". These where queried via "tunnel" which worked locally AND via VPN tunnel. The new USG Flex H series firewall forces me to chose the query via interface. Possible values are the physical and virtual network interfaces, but not the VPN tunnels.
Does anybody know how to set up DNS server hiding behind VPN tunnels?
Accepted Solution
Guru Member
All Replies
-
Does selecting auto help?
If you do a VTI tunnel you can query via that interface
0 -
Auto is not available for "Domain Zone Forwarders"; only for "Global Zone Forwarders"…
Until now I did never use VTI tunnels. Frankly, I don't understand, why they exist. I'll have to investigate into them a little bit more…
0 -
Hi @Ich
Since currently policy-based site-to-site VPN is not supported to select, we recommend to change your VPN setting from policy-based to route-based.
You may feel free to provide your configuration and we will help to convert the VPN setting from policy-based VPN to route-based VPN. Please send me your configuration file to me via private message.
Zyxel Melen0 -
You said "currently not supported"…
Do you - or anyone else - know, if it is planned to restore the previous functionality?
0 -
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 199 Nebula Ideas
- 125 Nebula Status and Incidents
- 6.3K Security
- 492 USG FLEX H Series
- 322 Security Ideas
- 1.6K Switch
- 83 Switch Ideas
- 1.3K Wireless
- 47 Wireless Ideas
- 6.8K Consumer Product
- 285 Service & License
- 455 News and Release
- 89 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 95 Security Highlight
