DNS server source over VPN

altmind · July 1, 2022, 9:06am

Hi.
I’m trying to set up mikrotik DNS server forward to the other server over the ipsec VPN.
the dns server over the vpn is pingable and accessible if pinging with source-address:

ping 10.3.14.5 src-address=10.32.0.2
SEQ HOST SIZE TTL TIME STATUS
0 10.3.14.5 56 63 112ms433us

The mikrotik DNS server cant seem to reach this 10.3.14.5.
I wonder if there’s src-address option for the DNS server requests?

I’ve seen some suggestions to add a static route, but I dont know the gateway address as they are configured in ipsec POLICIES and seem to be dynamic.

Sob · July 1, 2022, 11:38am

You can cheat and add route (with pref-src) with any gateway, because currently it’s not actually used. It’s sort of wrong, but it works, and for the lack of better solutions…