Not resolving private dns zone over point to site VPN connection into Azure

Question

Having issues getting a private DNS setup, attached to a vnet, to resolve over a point to site VPN connection.

My point to site VPN connection is working and I am able to ping the IP and get to IIS on the server. I've set the private DNS up and it's attached to the vnet with the machines automatically registering in the DNS fine. The domain resolves fine from within the vnet/vm but not from across the point to site VPN.

I'm deploying the setup using an ARM template and have the following dependencies to see if that makes a difference:

vnet - depending on a couple of NSGs and the private DNS zone

virtual network gateway - depending on the gateway IP, vnet and the private dns zone

I've waited for everything to deploy and then downloaded, installed and connected the VPN. Connects fine but just no DNS resolution from the private zone.

Anyone any ideas?

Answer 1

In this case, It's possible to make a DNS forwarder that forwards queries to Azure (virtual IP 168.63.129.16) from on-premise DNS to an azure private DNS Zone. See Name resolution that uses your own DNS server You also could vote up this feature request---Azure Private DNS Zone resolution from OnPremise

Here is a template that shows how to create a DNS server that forwards queries to Azure's internal DNS servers so that hostnames for VMs in the virtual network can be resolved from outside the network.

You also could have a look at a good open-source free DNS server for windows---Technitium DNS Server in the answer for more references.