DNS: How to set up a private Domain Zone Forwarder
Freshman Member
To resolve local DNS entries, I set up Domain Zone Forwarders (System|DNS) for the locally resolved domains.
Up to the classic USG Flex Series I was able to chose to set up "private servers". These where queried via "tunnel" which worked locally AND via VPN tunnel. The new USG Flex H series firewall forces me to chose the query via interface. Possible values are the physical and virtual network interfaces, but not the VPN tunnels.
Does anybody know how to set up DNS server hiding behind VPN tunnels?
Accepted Solution
Zyxel Employee
All Replies
-
Does selecting auto help?
If you do a VTI tunnel you can query via that interface
0 -
Auto is not available for "Domain Zone Forwarders"; only for "Global Zone Forwarders"…
Until now I did never use VTI tunnels. Frankly, I don't understand, why they exist. I'll have to investigate into them a little bit more…
0 -
Hi @Ich
Since currently policy-based site-to-site VPN is not supported to select, we recommend to change your VPN setting from policy-based to route-based.
You may feel free to provide your configuration and we will help to convert the VPN setting from policy-based VPN to route-based VPN. Please send me your configuration file to me via private message.
Zyxel Melen0 -
You said "currently not supported"…
Do you - or anyone else - know, if it is planned to restore the previous functionality?
0 -
Guru Member
Categories
- All Categories
- 438 Beta Program
- 2.7K Nebula
- 189 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.2K Security
- 463 USG FLEX H Series
- 304 Security Ideas
- 1.6K Switch
- 81 Switch Ideas
- 1.3K Wireless
- 44 Wireless Ideas
- 6.8K Consumer Product
- 280 Service & License
- 440 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 91 Security Highlight
