I have my own Private DNS instance (AdGuard Home) which I NAT over Mikrotik on port 853. On my phone, under Private DNS, I have my domain that points to the Mikrotik WAN address. It works correctly until I enable the Back to Home connection on my phone; then I get a message that the Private DNS address is not reachable.
How can I debug and resolve this? I would appreciate all the help.
Firewall rules:
add action=accept chain=input comment="DNS over TLS" dst-port=853 protocol=\
tcp
add action=accept chain=forward comment="DNS over TLS" dst-port=853 protocol=\
tcp
add action=dst-nat chain=dstnat comment="AdGuard DNS over TLS" disabled=yes \
dst-address=!192.168.28.0/24 dst-address-type="" dst-port=853 protocol=\
tcp to-addresses=192.168.28.21 to-ports=853
add action=dst-nat chain=dstnat comment="AdGuard DNS over TLS" dst-address=\
!192.168.28.0/24 dst-address-type="" dst-port=853 protocol=tcp \
src-address-list=T2_supernet to-addresses=192.168.28.21 to-ports=853
add action=dst-nat chain=dstnat comment="AdGuard DNS over TLS" dst-address=\
!192.168.28.0/24 dst-address-type="" dst-port=853 protocol=tcp \
src-address-list="Ekonomska statika" to-addresses=192.168.28.21 to-ports=\
853
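An added debugging aid, not part of the original post: a small DNS-over-TLS probe that separates "TCP/853 does not connect", "TLS handshake or certificate check fails" and "no valid DNS answer", the three places a Private DNS client gives up. Run it once on the normal path and once with Back to Home enabled; the hostname and query name are placeholders for your own values.

```python
# Added example (not from the original post). HOST below is a placeholder.
import socket
import ssl
import struct

def build_query(qname: str, qid: int = 0x1234) -> bytes:
    """DNS A query for qname, with the 2-byte length prefix DoT (RFC 7858) requires."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    labels = b"".join(bytes([len(p)]) + p.encode() for p in qname.strip(".").split("."))
    msg = header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    return struct.pack("!H", len(msg)) + msg

def parse_response(frame: bytes, expected_id: int = 0x1234) -> dict:
    """Strip the length prefix and report id match, RCODE and answer count."""
    (length,) = struct.unpack("!H", frame[:2])
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", frame[2:14])
    return {"id_ok": qid == expected_id and length >= 12,
            "rcode": flags & 0x000F, "answers": an}

def _recv_exact(sock: ssl.SSLSocket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("server closed the TLS stream early")
        buf += chunk
    return buf

def probe_dot(host: str, qname: str = "example.com", port: int = 853,
              timeout: float = 5.0) -> dict:
    """Connect the way a phone's Private DNS client does: TLS on 853, SNI and cert check."""
    result = {"tcp": False, "tls": False, "dns": False, "error": None}
    ctx = ssl.create_default_context()  # verifies chain and hostname, as Android does
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            result["tcp"] = True
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                result["tls"] = True
                tls.sendall(build_query(qname))
                hdr = _recv_exact(tls, 2)
                body = _recv_exact(tls, struct.unpack("!H", hdr)[0])
                parsed = parse_response(hdr + body)
                result.update(parsed)
                result["dns"] = parsed["id_ok"] and parsed["rcode"] == 0
    except (OSError, ssl.SSLError) as exc:
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result

if __name__ == "__main__":
    print(probe_dot("dns.example.invalid"))  # placeholder: your Private DNS hostname
```

If `tcp` is True but `tls` is False only on the Back to Home path, the connection is landing on something other than AdGuard (for example the router itself because the dst-nat rule did not match the tunnel's source address); if `tcp` is already False, the packet never reaches an accepting port.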