Sir This is internal dns resolver Or A Record ... How do one can make query comes from wan domain A Records mapped to my both wans and then forward to my internal destination ... If wan1 goes down query resolve to wan2 ip and clients connect back without taking care of my wans down or up Hitting the same domain name
Hi, there. Can you please tell me will this help to resolve my domain. I have dynamic WAN connection. I setup forti dyn dns but I need to host my own domains and need to resolve internal ip so domain will resolve on my home server ?thanks
yes, you can do it. External clients will use dyn DNS resolution to reach the server and internal client can query firewall to get it resolved to server IP internally
@@sumitnick4 people connecting to a dialup ipsec needs to visit an internal website, the issue is the internal domain name is also the same as the public facing. Requirement is to have the clients connecting to the vpn resolve via the internal dns server and see the internal website only. If they disconnect, then they can see the public facing website. Ik weird implementation.
@@carlb641 force the client that are getting the DHCP IP via IPsec dial up VPN to use firewall interface as DNS resolver. Make sure you enable DNS on the interface and have a static entry for the domain in question.
@@carlb641 when split tunnel is off , all the traffic will come to firewall via VPN tunnel, as it injects a default route in the system. You have a routing issue. Works fine for me.
This is your internal server dns How to make External public A records dns failover to Internal servers wan 1 down Domain name query moves to wan 2 A recorded ip
Sir This is internal dns resolver Or A Record ...
How do one can make query comes from wan domain A Records mapped to my both wans and then forward to my internal destination ...
If wan1 goes down query resolve to wan2 ip and clients connect back without taking care of my wans down or up
Hitting the same domain name
Use dynamic DNS or make WAN1 as primary DNS and WAN2 secondary DNS. If WAN1 fails query will go to WAN2 for respective resolution.
great....
Hi, there. Can you please tell me will this help to resolve my domain. I have dynamic WAN connection. I setup forti dyn dns but I need to host my own domains and need to resolve internal ip so domain will resolve on my home server ?thanks
yes, you can do it. External clients will use dyn DNS resolution to reach the server and internal client can query firewall to get it resolved to server IP internally
❤︎ ❤︎ ❤︎ thanks
how to only apply the static DNS entries to a VPN tunnel?
What is your requirement ?
@@sumitnick4 people connecting to a dialup ipsec needs to visit an internal website, the issue is the internal domain name is also the same as the public facing. Requirement is to have the clients connecting to the vpn resolve via the internal dns server and see the internal website only. If they disconnect, then they can see the public facing website. Ik weird implementation.
@@carlb641 force the client that are getting the DHCP IP via IPsec dial up VPN to use firewall interface as DNS resolver. Make sure you enable DNS on the interface and have a static entry for the domain in question.
@@sumitnick4 didn't work unfortunately. Also tried running the DHCP via the tunnel interface. Feels weird that it works if split tunnel is off.
@@carlb641 when split tunnel is off , all the traffic will come to firewall via VPN tunnel, as it injects a default route in the system. You have a routing issue. Works fine for me.
This is your internal server dns
How to make External public A records dns failover to Internal servers wan 1 down Domain name query moves to wan 2 A recorded ip