Hi,
I have an XG Home edition running SFOS 19.0.1 MR-1-Build365. I have set up an ACME-DNS server on my LAN so that I can use it to authorise Let's Encrypt certificate issuing/renewals using the DNS-01 validation method. I have updated my external DNS zone to delegate a subdomain to my ACME-DNS server, using the public IP on my XG as the NS address for the delegated subdomain.
My problem is I can't seem to get connectivity working from the internet to my ACME-DNS server over UDP/53.
I used the Server Access Assistant (DNAT) wizard to set up the rule and specified the service as "DNS" which includes both TCP/UDP/53 as the destination port. TCP works fine and I can see the connection hit my ACME-DNS server, but I can't seem to get UDP connectivity working.
When I issue a DNS query over UDP (externally), I don't see any traffic hit either my server or the XG's WAN port (Port2_ppp in my case), but I do see the TCP traffic on port 53 hit both (using tcpdump).
I have logging turned on in my FW rule, but don't see any messages in the logs about why this might be. I've poked around and scratched my head on this for a couple of hours but haven't made any progress and so just wondered if anyone else was running a DNS server accessible from the internet behind their XG, and if so, if there is any trick to it. I'm sure I've just missed something simple, but haven't been able to figure out what that is.
Cheers,