When you made the conditional forwarder, did you put the correct private IP for the on-prem DNS server?<\/li>\n<\/ul>","upvoteCount":0,"datePublished":"2022-05-19T15:04:02.000Z","url":"https://community.spiceworks.com/t/azure-dns/833182/6","author":{"@type":"Person","name":"anon595438","url":"https://community.spiceworks.com/u/anon595438"}},{"@type":"Answer","text":"So, I got it where I can resolve On-prem DNS from Azure. However, I still cannot resolve an internal web page. I flushed DNS all that but do I need record somewhere else?<\/p>","upvoteCount":0,"datePublished":"2022-05-19T18:56:11.000Z","url":"https://community.spiceworks.com/t/azure-dns/833182/7","author":{"@type":"Person","name":"brant224","url":"https://community.spiceworks.com/u/brant224"}},{"@type":"Answer","text":"\n\n
<\/div>\n
brant224:<\/div>\n
\nSo, I got it where I can resolve On-prem DNS from Azure. However, I still cannot resolve an internal web page. I flushed DNS all that but do I need record somewhere else?<\/p>\n<\/blockquote>\n<\/aside>\n
Is that DNS record for that internal webpage held in the DNS zone on your on-prem DNS server that your conditional forwarder is pointing to from Azure. If you have multiple DNS zones on your on-prem DNS server, you have to make sure to make the corresponding conditional forwarder on your Azure DNS server.<\/p>","upvoteCount":0,"datePublished":"2022-05-19T19:21:07.000Z","url":"https://community.spiceworks.com/t/azure-dns/833182/8","author":{"@type":"Person","name":"anon595438","url":"https://community.spiceworks.com/u/anon595438"}},{"@type":"Answer","text":"
So, I can get to the site from a VM in Azure. However, when I attempt to reach it from my computer over the VPN I cannot. I flushed dns and all that good stuff.<\/p>","upvoteCount":0,"datePublished":"2022-05-19T19:37:58.000Z","url":"https://community.spiceworks.com/t/azure-dns/833182/9","author":{"@type":"Person","name":"brant224","url":"https://community.spiceworks.com/u/brant224"}}]}}
brant224
May 19, 2022, 12:00pm
1
So, I have an on-prem DNS server and I have some servers running in Azure. I want to be able to resolve hostnames from my Azure VM’s for host that live on-prem. I have tried setting a conditional forwarder but maybe I did it wrong. Any advice?
5 Spice ups
To clarify, are you trying to allow your on-prem systems to resolve Azure VM hostname records or allow your Azure VMs to resolve on-prem DNS records?
brant224
May 19, 2022, 1:49pm
3
Yea so basically, when I am connected to a VM that is hosted in Azure I am not able to resolve DNS from on-prem. I setup a conditional forwarder on the Azure DNS server to the on-prem. However, I read in some blogs that you have to setup DNS forwarding via the Azure FW.
To understand your environment a little more:
Do you have a site-to-site VPN or express route from your Azure tenant to your on-prem?
If your Azure networks have some sort of connection to your on-prem, are your routes setup so your Azure networks can have a path to on-prem networks holding the DNS server?
Do you have any firewalls (in Azure or on-prem) that need rules allowing DNS port 53 traffic? A PowerShell Test-NetConnection command from your Azure VM can test this for the DNS port.
Are your Azure VMs using private IPs or using public IPs that will be reaching out to your on-prem DNS?
brant224
May 19, 2022, 2:45pm
5
Do you have a site-to-site VPN or express route from your Azure tenant to your on-prem? We have a site-to-site vpn.
If your Azure networks have some sort of connection to your on-prem, are your routes setup so your Azure networks can have a path to on-prem networks holding the DNS server? I can ping from Azure to On-prem and vice versa.
Do you have any firewalls (in Azure or on-prem) that need rules allowing DNS port 53 traffic? Test connection worked
A PowerShell Test-NetConnection command from your Azure VM can test this for the DNS port. Are your Azure VMs using private IPs or using public IPs that will be reaching out to your on-prem DNS? Worked for port 53
The Azure DNS server you are trying to configure the conditional forwarder on, is it using a public IP to send these DNS requests to the on-prem DNS server or does it only have a private IP?
Anything in the Azure DNS server DNS logs showing any issues?
When you made the conditional forwarder, did you put the correct private IP for the on-prem DNS server?
brant224
May 19, 2022, 6:56pm
7
So, I got it where I can resolve On-prem DNS from Azure. However, I still cannot resolve an internal web page. I flushed DNS all that but do I need record somewhere else?
Is that DNS record for that internal webpage held in the DNS zone on your on-prem DNS server that your conditional forwarder is pointing to from Azure. If you have multiple DNS zones on your on-prem DNS server, you have to make sure to make the corresponding conditional forwarder on your Azure DNS server.
brant224
May 19, 2022, 7:37pm
9
So, I can get to the site from a VM in Azure. However, when I attempt to reach it from my computer over the VPN I cannot. I flushed dns and all that good stuff.
