Hi there,
I’m hoping I can get a hint or confirmation on this.
In the pfSense challenge, the instructions state to:
1.) Allow the RemoteServer secure web access to the Website server.
according the practice labs this can be handled in a couple of different ways, I chose a NAT rule. used curl to confirm https access between remote and website.
2.) Allow the RemoteServer DNS access to the Website server.
This one is tricky. Practice labs don’t explicitly cover this situation, an external server needing DNS access on an internal DNS server. I attempted multiple types of rules in different locations on the external firewall. I suspect I’m over thinking this one and that this rule is similar to this rule on the internal firewall: Allow the IT network access to DNS on Server3.
My current rule is set to allow any source any port to access DNS on the external firewalls WAN IP. Ran the flag on the remoteserver and I get the error unable to resolve name website.cybrary.lab I’m not able to test website.cybrary.lab.
Any advice or insights is much appreciated.