DNS Using an Azure Point to Site VPN from my desktop. (DNS Private Zones)

    • #179301

      I have a point to site VPN setup into a hub and spoke designed private network.

      I can see in my routing tables on my desktop, I can see all the networks of the hub and the spokes.

      I cannot ping any of these servers with the FQDN. I can ping with the IPs.

      If I ssh onto a server in the hub, I can ping all the servers using the FQDNs.
      In other words, I am getting DNS resolution from a server on the private network, but not my desktop which is connected via VPN.

      Any idea how I can get this to work from my desktop across the VPN in Azure?
      Am I supposed to be able to access the Azure DNS Private Zones, or DNS for my networks in Azure?
      If so, how do I make it work?

      PS C:\> ping cnt-inbound-01.prod.dom.local                               
      Ping request could not find host cnt-inbound-01.prod.dom.local. Please check the name and try again.
      PS C:\> nslookup cnt-inbound-01.prod.dom.local                            
      Server:  UnKnown
      Address:  192.168.1.1 
    • #179307

      This definitely looks like a name resolution problem (i.e. not really a PowerShell problem). If I VPN into the site of my servers, the VPN connection gives me the IP address of a DNS server that can resolve internal names. I assume that is not the case for your VPN connection; maybe you should discuss this with the admin of the server/device that provides the VPN connection?

      Regards,

      Kris.
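
The check Kris describes, as an added example that is not part of the original thread: it lists the DNS servers Windows holds for each adapter (including the VPN adapter) and asks each one directly for the name from the failing lookup. The function name `Test-DnsServerPerInterface` is hypothetical; the default FQDN is the one from the original post.

```powershell
# Added example, not from the thread. Function name and output columns are illustrative.
function Test-DnsServerPerInterface {
    [CmdletBinding()]
    param(
        # FQDN from the failing ping/nslookup in the original post.
        [string]$Name = 'cnt-inbound-01.prod.dom.local'
    )

    # Collect IPv4 interface metrics so the output shows adapter preference order.
    $metrics = @{}
    Get-NetIPInterface -AddressFamily IPv4 | ForEach-Object {
        $metrics[[int]$_.InterfaceIndex] = $_.InterfaceMetric
    }

    # Walk every adapter that has at least one IPv4 DNS server configured.
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            $adapter = $_
            foreach ($server in $adapter.ServerAddresses) {
                $answer = $null
                $failure = $null
                try {
                    # Query this specific server only, bypassing hosts file and LLMNR/NetBIOS.
                    $answer = Resolve-DnsName -Name $Name -Type A -Server $server `
                                  -DnsOnly -ErrorAction Stop |
                              Where-Object { $_.Type -eq 'A' } |
                              Select-Object -ExpandProperty IPAddress
                } catch {
                    $failure = $_.Exception.Message
                }
                [pscustomobject]@{
                    Interface = $adapter.InterfaceAlias
                    Metric    = $metrics[[int]$adapter.InterfaceIndex]
                    DnsServer = $server
                    Resolved  = [bool]$answer
                    Answer    = ($answer -join ', ')
                    Error     = $failure
                }
            }
        }
}

Test-DnsServerPerInterface | Sort-Object Metric | Format-Table -AutoSize
```

If the only rows are for the home router (`192.168.1.1` in the original post) and the VPN adapter has no row at all, the VPN connection has not handed the client a DNS server, which matches the `nslookup` output in the question.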

    • #179400

      Have you verified the network security groups are configured to allow you to access from the VPN? I agree with Kris, you would need to speak with the admin for your Azure Tenant/Subscription to verify ACLs (network security groups) are configured to allow connection from the VPN connection.

    • #179718

      We are talking specifically about Azure Point to Site VPN, it is a product provided by Azure. So I am looking for someone who knows how this is supposed to work. I have complete control over the environment. The way it works is once you have configured your different networks and configured peering between the networks, then you download a VPN client from the Network Gateway that enables you to connect and puts a dll on your workstation that configures all the routing tables so you can access everything via IP. I have added DNS Private Zones, which is new to Azure. Each zone has links to the other zones so they can resolve FQDNs from each server to each network. I want to know if it is supposed to work over the VPN? If so, how do I make it work? I have coded out standing up all of this with PowerShell. But yes, it is an Azure question. I see one article out there where it says you have to download the VPN client after the DNS configuration; I have done that with no effect.
