
Sophos XG DNS request route (internal dns forward)

Hello everyone,

We have a problem with the DNS request route configuration. We have multiple remote sites and a datacenter. The datacenter has an AD/DC with DNS function. The clients in the remote sites send their DNS requests to the Sophos XG 85/105/115 firewall. The firewall has a VPN connection to the datacenter, and we want to send the requests for the datacenter domain to the datacenter Sophos XG firewall.

We have added the following entry under Network -> DNS:

      Name: xxx.local
      Target: xx.xx.xx.xx (AD/DC IP)

This forward is not working. Do you have an idea what the problem is?



  • To my knowledge, it should only route through the active tunnel route. I have not tested this kind of setup with a failover, but the XG should only consider the active tunnel route. As option 1, you can define both your WAN interfaces inside the tunnel networks, but we need to make sure your DNS server responds to the queries from the remote office WAN IP addresses. Even if it does not, there is a workaround wherein you can create a VPN to LAN in your DC firewall, with the source being the remote WAN IPs of your offices and the destination being your DNS server, and SNAT all the WAN IP addresses to the LAN IP of the DC XG.
  • Thanks, it works with one route to each vpn-tunnel.