- Kerio WinRoute Firewall Administrator's Guide
Chapter 21 Kerio VPN
318
Figure 21.16 Headquarter — DNS forwarder configuration
• Enable the Use custom forwarding option and define rules for names in the
filial.company.com domain. Specify the server for DNS forwarding by the
IP address of the remote firewall host’s interface (i.e. interface connected to the
local network at the other end of the tunnel).
Figure 21.17 Headquarter — DNS forwarding settings
• Set the IP address of this interface (10.1.1.1) as a primary DNS server for the
WinRoute host’s interface connected to the LAN 1 local network. It is not neces-
sary to set DNS server at the interface connected to LAN 2 — DNS configuration
is applied globally to the entire operating system.
• Set the IP address 10.1.1.1 as a primary DNS server also for the other hosts.
Note: For proper functionality of DNS, the DNS database must include records for
hosts in a corresponding local network. To achieve this, save DNS names and IP
addresses of local hosts into the hosts file (if they use IP addresses) or enable co-
operation of the DNS Forwarder with the DHCP server (in case that IP addresses are
assigned dynamically to these hosts). For details, see chapter
5.3.