Interesting VPN / DNS question
We currently have an issue as follows:
Fred is a local user configured on the SonicWALL. Within the VPN section of the local user page, it is set up so that Fred can access only the 172.26.0.0/24 network from his client VPN.
Fred needs to be able to resolve DNS queries against the DNS server located at 192.168.0.12 for resources located in the 172.26.0.0/24 network.
Fred is not allowed access to anything on the 192.168.0.0/24 network except for resolving DNS queries against the DNS server 192.168.0.12.
Currently, when connected over the GVPNC, DNS lookups to 192.168.0.12 fail, as expected.
The GVPNS is configured as a split tunnel with split DNS.
Of course, if I add the X0 interface to the VPN tab in the user page, everything works as expected.
How may we best resolve this issue to allow Fred to resolve DNS queries against the DNS server at 192.168.0.12 whilst blocking him from accessing anything else on the 192.168.0.0/24 network?
Many thanks.
Comments
Make an address object for the DNS server, then set that as an allowed network for the user in the VPN tab.
Create an address object for the DNS server and add that to the VPN instead of the X0 subnet.
You could always add rules afterwards.
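
The following Python model is an added illustration, not part of the thread and not SonicOS configuration or API code. It compares the three VPN access lists discussed above using the addresses from the question. The per-service rule table and the sample flows are constructed, and the model assumes the access list matches on destination address only, so limiting Fred to DNS on 192.168.0.12 needs a separate rule.

```python
from ipaddress import ip_address, ip_network

# Address objects, using the addresses from the question.
REMOTE_NET = ip_network("172.26.0.0/24")
X0_SUBNET = ip_network("192.168.0.0/24")
DNS_HOST = ip_network("192.168.0.12/32")  # host object for the DNS server

# Candidate VPN access lists for the user.
ACCESS_LISTS = {
    "original": [REMOTE_NET],               # DNS lookups fail
    "x0_subnet": [REMOTE_NET, X0_SUBNET],   # works, but exposes the whole LAN
    "dns_host": [REMOTE_NET, DNS_HOST],     # suggested in the comments
}

# Hypothetical follow-up rules (assumption): services allowed per object.
# None means any service; entries are (protocol, port) pairs.
DNS_ONLY_RULES = {DNS_HOST: {("udp", 53), ("tcp", 53)}, REMOTE_NET: None}

# Constructed sample flows: (destination, protocol, port).
FLOWS = [
    ("192.168.0.12", "udp", 53),   # DNS query to the DNS server
    ("192.168.0.12", "tcp", 22),   # non-DNS service on the DNS server
    ("192.168.0.50", "tcp", 445),  # another host on the X0 subnet
    ("172.26.0.10", "tcp", 443),   # resource Fred is meant to reach
]

def allowed(access_list, dst, proto, port, rules=None):
    """True if the flow is permitted by the access list and, when rules
    are given, by the service set of the most specific matching object."""
    addr = ip_address(dst)
    matches = [net for net in access_list if addr in net]
    if not matches:
        return False
    if rules is None:
        return True
    net = max(matches, key=lambda n: n.prefixlen)
    services = rules.get(net, set())  # object without a rule: deny
    return services is None or (proto, port) in services

def report(name, rules=None):
    """Evaluate every sample flow against one named access list."""
    return [allowed(ACCESS_LISTS[name], *flow, rules=rules) for flow in FLOWS]

if __name__ == "__main__":
    for name in ACCESS_LISTS:
        print(f"{name:10} {report(name)}")
    print(f"{'dns_host+rules':10} {report('dns_host', DNS_ONLY_RULES)}")
```

In this model the host object alone still permits the non-DNS flow to 192.168.0.12; only the added service rule narrows access to port 53.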