I have a domain: DC, Internet gate and a couple of workstations. DC also works as a DNS server. The internal DNS server forwards all queries to external names to the DNS server in the Internet gateway (actually, the Kerio Control DNS forwarder).
I discovered that I can not solve certain DNS names:
R: > nslookup ru.secretvpn.net Server: dc.mydomain.local Address: 192.168.0.1 *** dc.mydomain.local can not find ru.secretvpn.net: the server failed
Other names can be solved well (including the secretvpn.net itself). If I specify the DNS server (that of the WAN NIC configuration in the Internet gateway), the resolution also works well. It also works on the Internet gate itself.
So the problem is related in some way to the DNS queries that are forwarded from the internal DNS server to the DNS forwarder.