Hi, folks,
My main router is a Bananapi R2, master branch, freshly built.
It serves DHCP, DNS, DLNA and VPN in the finest manner, but one feature is missing:
it should resolve queries for my private network behind the VPN, but it gets a timeout.
Configuration is like this:
An Archer C7 running the current 19.07.7 OpenWrt image in the same LAN behind the Bananapi router, using these settings, can successfully resolve queries like
nslookup server1.my.company.com, and so can other clients in the LAN if they use the Archer for DNS.
The main router itself gives a timeout when querying.
What am I missing here? Maybe firewall settings?
Firewall zone settings are both LAN<->VPN accept, no masquerading, because my LAN is routable to the company LAN. Additionally, traffic rules allow UDP traffic from the device to the VPN.
Thanks in advance for hints
Thx for the fast answer, now the results and questions:
Assigning the interface to the LAN zone doesn't help.
On which server should I use topology subnet? On the remote site there is a Sophos XG and the possibilities are limited.
Your last hint is cryptic.
For clarification: all clients on the LAN can query the VPN DNS using nslookup server1.my.company.com 10.0.0.1, but not the OpenWrt router itself. In the system protocol I see the forwarding of the query to the VPN, but it seems the answer is not arriving at the router.
Solved. Accidentally I had a short downtime at the provider site. After the reconnect I needed to restart the VPN connection manually, and after this the DNS resolution works as expected. Maybe assigning tun0 to the LAN zone needs a reconnect?
Finally solved. Meanwhile I have SNAPSHOT r19162 running, and name resolution has worked for several new builds.
After comparing the config files from last year and today, I see these additions or changes:
list interface 'lan'
option localservice '1'
option rebind_protection '1'
list rebind_domain 'my.company.com'
option rebind_localhost '1'