I'm currently setting up an Azure P2S VPN that connects to our physical office via a Site-to-Site tunnel. At first, it seemed like the Site-to-Site connection was allowing access to our on-premises DNS server, but that turned out to be unreliable. The P2S clients often want to default to Azure's DNS services instead. I've tried importing my DNS zone file into Azure, which works most of the time, but I still face frequent lookup failures that usually require me to reconnect the VPN. One user can't resolve DNS records at all, although their setup is identical to others using the same XML template. Currently, there's no custom DNS being configured, and the system defaults to Azure DNS most of the time. I want to avoid using a private resolver due to cost and because I don't think it's necessary. I've been struggling to understand why this setup is so inconsistent. If anyone has insights or needs more diagnostic info to help troubleshoot, I'm open to providing it. I really need a reliable solution!
1 Answer
It sounds like the Azure virtual network gateway relies on the vNet's DNS settings. Since you’re not using advanced VPN features, you’ll need to customize the XML file for your DNS servers. Make sure it includes specific DNS server entries like this:
```xml
<clientconfig>
  <dnsservers>
    <dnsserver>10.253.0.4</dnsserver>
    <dnsserver>10.253.0.5</dnsserver>
  </dnsservers>
  <dnssuffixes><dnssuffix>.ad.company.net</dnssuffix></dnssuffixes>
</clientconfig>
```
Try that setup and see if it improves your connection!
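To make the answer's profile change repeatable across users (the question mentions one client behaving differently from others on the same template), here is an added helper script that is not part of the answer or of any Microsoft tooling. It reads an Azure VPN Client profile, reports which DNS servers and suffixes are pinned, and patches the `clientconfig` block in if it is missing. The sample profile, the `AzVpnProfile` root with its default namespace, and the `<clientconfig i:nil="true" />` placeholder are assumptions modelled on downloaded `azurevpnconfig.xml` files; the IP addresses and suffix are the ones from the answer. It refuses to pin a public resolver, because a DNS server that is not reached through the tunnel will resolve internal names against the internet instead of your on-premises server.

```python
"""Check and patch the DNS settings in an Azure VPN Client profile (added example)."""
import ipaddress
import xml.etree.ElementTree as ET

# Namespaces seen on the root element of downloaded azurevpnconfig.xml files
# (assumption from inspected profiles; the helpers also accept namespace-free XML).
AZ_NS = "http://schemas.datacontract.org/2004/07/"
XSI_NS = "http://www.w3.org/2001/XMLSchema-instance"
ET.register_namespace("", AZ_NS)
ET.register_namespace("i", XSI_NS)

# Constructed sample profile, trimmed to the elements that matter for DNS.
SAMPLE_PROFILE = f"""<?xml version="1.0" encoding="utf-8"?>
<AzVpnProfile xmlns:i="{XSI_NS}" xmlns="{AZ_NS}">
  <name>office-p2s</name>
  <clientconfig i:nil="true" />
</AzVpnProfile>
"""


def _ns(root):
    """Return '{uri}' for the root's default namespace, or '' when unqualified."""
    if root.tag.startswith("{"):
        return root.tag[: root.tag.index("}") + 1]
    return ""


def get_dns_settings(xml_text):
    """Return (dnsservers, dnssuffixes) currently pinned in the profile."""
    root = ET.fromstring(xml_text)
    ns = _ns(root)
    servers = [e.text.strip() for e in
               root.iterfind(f"./{ns}clientconfig/{ns}dnsservers/{ns}dnsserver") if e.text]
    suffixes = [e.text.strip() for e in
                root.iterfind(f"./{ns}clientconfig/{ns}dnssuffixes/{ns}dnssuffix") if e.text]
    return servers, suffixes


def _ensure_list(cfg, ns, container, item, values):
    """Create <container> under cfg if needed and add any <item> values not yet present."""
    parent = cfg.find(f"{ns}{container}")
    if parent is None:
        parent = ET.SubElement(cfg, f"{ns}{container}")
    present = {e.text.strip() for e in parent.iterfind(f"{ns}{item}") if e.text}
    for value in values:
        if value not in present:
            ET.SubElement(parent, f"{ns}{item}").text = value


def ensure_dns_settings(xml_text, servers, suffixes):
    """Return the profile text with the given DNS servers and suffixes pinned.

    Raises ValueError for a non-private server address: a resolver that is not
    reached through the tunnel leaks internal lookups to the internet.
    """
    for server in servers:
        if not ipaddress.ip_address(server).is_private:
            raise ValueError(f"{server} is not a private address; refusing to pin a public resolver")
    root = ET.fromstring(xml_text)
    ns = _ns(root)
    cfg = root.find(f"{ns}clientconfig")
    if cfg is None:
        cfg = ET.SubElement(root, f"{ns}clientconfig")
    # A freshly downloaded profile ships <clientconfig i:nil="true" />; drop the
    # nil marker so it does not contradict the children added below.
    cfg.attrib.pop(f"{{{XSI_NS}}}nil", None)
    _ensure_list(cfg, ns, "dnsservers", "dnsserver", servers)
    _ensure_list(cfg, ns, "dnssuffixes", "dnssuffix", suffixes)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print("before:", get_dns_settings(SAMPLE_PROFILE))
    patched = ensure_dns_settings(SAMPLE_PROFILE, ["10.253.0.4", "10.253.0.5"], [".ad.company.net"])
    print("after: ", get_dns_settings(patched))
    print(patched)
```

Running `get_dns_settings` against each user's actual profile before they import it is a quick way to find the one client whose file lost the `clientconfig` block; the patch is idempotent, so re-running it on an already-fixed profile does not duplicate entries.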
I had a similar situation and forgot to include the tags before. After making that change, my connection really did improve! Glad to hear you’re seeing better results—hope it stays stable!