Defines whether access from WAN interfaces to the DNS server or DNS forwarder via IPv4 is generally allowed. Access to these services via IPv6 is controlled exclusively through the IPv6 inbound firewall.
Access can be controlled globally for the corresponding interface types using this switch. For more granular control than this level, corresponding IPv4 firewall rules can be configured.
Access to the DNS service must be allowed via VPN if VPN clients are to use the router as a DNS server or DNS forwarder, for example, to resolve locally configured station names.
Access to the DNS service via WAN must be allowed if clients are to connect to the router using PPPoE, L2TP, or PPTP. In this case, it is recommended to configure granular control for the local DNS service via firewall rules.
VPN interfaces include IPSec VPN (IKEv1/IKEv2) and WireGuard. WAN interfaces include all WAN counterparts such as Internet connections and RAS dial-ins to the LANCOM router acting as a PPPoE, PPTP, or L2TP server.
- SNMP ID:
- 2.17.18
- Console path:
- Setup > DNS
- Possible values:
- No
- Access to the DNS server and DNS forwarder via IPv4 from WAN and VPN interfaces is not allowed.
- Yes
- Access to the DNS server and DNS forwarder via IPv4 is generally allowed from all interfaces such as LAN, WAN, and VPN.
- VPN
- Access to the DNS server and DNS forwarder via IPv4 is allowed from LAN interfaces and via VPN (IPSec VPN and WireGuard). Access from WAN interfaces, such as Internet connections or RAS dial-ins to the LANCOM router acting as a PPPoE, PPTP, or L2TP server, is not allowed.
- Default:
- VPN
