Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


Site to Site VPN DNS settings


I have 13 sites coming into my main office. Each site the DHCP server is the TZ400 and the DNS1 is our primary DNS server in main location. When our internet fails or switch or server is rebooted, the locations all lose internet.

Is there a way to have all internet traffic look to the ISP DNS servers but all LAN traffic be sent over VPN?

I assume a static route, i have never set one of these up before

Category: Entry Level Firewalls


  • Options

    Hello @Flyers2020,

    Welcome to SonicWall community.

    Usually the end computers try to use the primary DNS server configured on their adapter to perform DNS resolutions either internal or external. For the SonicWall to correctly send the DNS traffic for internal and external DNS resolutions, DNS proxy feature can be used.

    With DNS proxy enabled, all DNS traffic will be sent to the firewall. You can have Split DNS server and mention the internal domain name for which the DNS server would be the main site DNS server. All other domains will use the ISP DNS server. But this configuration needs to be done on branch locations so that they can decide what DNS traffic should go to the main site. Please make sure you are on the latest firmware to use this feature. (Only available since firmware)

    I hope that helps.


    Shipra Sahu

    Technical Support Advisor, Premier Services

  • Options
    cspellcspell Newbie ✭

    Did you get this working? I want to do the same thing but support told me this cannot be done unless the DNS server is local at the remote site, not across the VPN. It sounds counterintuitive but I have been unable to configure and get it working.

Sign In or Register to comment.