On-prem Primary DNS Server or On-prem Secondary DNS Server tests fail in the Connectivity Validator.
Problem
In the Connectivity Validator, the tests Connectivity to On-prem Primary DNS Server on Port 53 and/or Connectivity to On-prem Secondary DNS Server on Port 53 fail with the message Port 53 Connection timed out.
Cause
Potential causes of this failure:
- The IPsec VPN connection from the cloud SDDC to the on-premises data center might be down.
- Port 53 on the DNS server is blocked by a firewall rule in the cloud SDDC or in the on-premises data center.
- You have entered an incorrect IP address for the DNS server.
- The DNS server is down.
Solution
- Verify that the VPN tunnel from the cloud SDDC to on-premises is up. See View VPN Tunnel Status and Statistics.
- Inspect the firewall rules in the VMware Cloud Console to ensure that access to port 53 on the on-premises DNS server is not blocked.
- Inspect the firewall rules in your on-premises environment to ensure that access to port 53 on the on-premises DNS server is not blocked.
- Verify that you entered the correct IP address for your on-premises DNS servers. See Specify Management Gateway DNS Servers.
- Verify that your DNS server is running, and bring it back up if it is down.
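
To narrow down which of the checks above applies, the following added example (not part of the VMware documentation or the Connectivity Validator) attempts a TCP connection to port 53 and classifies the result. The function name, result labels, and the 192.0.2.x addresses are assumptions made for illustration; the script also assumes it runs on a host whose traffic to the DNS servers crosses the same VPN tunnel and firewall rules as the path being validated.

```python
import ipaddress
import socket

# What each outcome suggests, mapped to the causes and checks listed above.
HINTS = {
    "invalid-address": "Not a valid IP address: correct the configured DNS server entry.",
    "timed-out": "No reply: check the VPN tunnel, then firewall rules on both sides.",
    "refused": "Host answered but the port is closed: check the DNS service, "
               "the IP address, and any firewall rule that rejects traffic.",
    "unreachable": "No route to the address: check the VPN tunnel and routing.",
    "open": "Port accepts TCP connections from this host.",
}


def probe_dns_tcp(server_ip, port=53, timeout=5.0):
    """Attempt one TCP connection and return a key of HINTS."""
    try:
        # The DNS server setting takes an IP address, so reject anything else.
        ipaddress.ip_address(server_ip)
    except ValueError:
        return "invalid-address"
    try:
        with socket.create_connection((server_ip, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        # Packets silently dropped: matches the validator's timeout message.
        return "timed-out"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "unreachable"


if __name__ == "__main__":
    # Constructed placeholders (documentation range); replace with your servers.
    for name, ip in (("primary", "192.0.2.53"), ("secondary", "192.0.2.54")):
        result = probe_dns_tcp(ip)
        print(f"{name} {ip}: {result} - {HINTS[result]}")
```

An "open" result only shows that the port accepts connections from the host running the script; rerun the Connectivity Validator to confirm the fix.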