TerryJC wrote: 16/04/2022, 12:32
I will have one last attempt to get to the bottom of this through the Linux User Group. There has been one new thing discovered; there doesn't seem to be a route between the VPN Server and the Webserver. It seems to me that would account for the behaviour I'm seeing but I can't see why the routing isn't working at the moment.
Well, after several valiant efforts I still can't get to the bottom of this.
I rather suspect that the culprit here is nodogsplash. On initial connection to the Webserver nodogsplash kicks in and directs the User's browser to the Splash page (the 'press continue to access our content' thing). It is possible that this hijacks contact from sources not on the WMT Server and thus prevents 'normal' access. Additionally, nodogsplash has some extremely complex iptables rules configured, which may be preventing access from outside connections via VPN but allowing internal access from devices on the 192.168.0.0/24 network. I can't understand them but I think it is possible.
At the end of the day, the functionality provided by the DNS server is not super critical, so we can continue to live with it I think. In the long term, I could move the DNS Server off the Webserver and onto another WMT Network device. There aren't any obvious candidates but we could use the Minster Music Pi for example. I had hoped that the NAS Box could host a DNS Server, but alas it doesn't seem to support it (my ReadyNAS has a DNS Server as an App).
As I say, I'm sure we could live with this.
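The post above suspects that iptables rules let 192.168.0.0/24 clients through while dropping VPN sources. The following added example (not part of the original post, and not nodogsplash's own rules) walks `iptables-save` output first-match-wins and reports which rule decides a packet. The chain name CAPTIVE, the VPN subnet 10.8.0.0/24 and the sample rules are constructed assumptions; only `-s`, `-i`, `-p`, `--dport` and the ACCEPT/DROP/REJECT/RETURN/user-chain targets are handled.

```python
import ipaddress
import shlex

# Constructed iptables-save excerpt, NOT real nodogsplash rules; the chain
# name CAPTIVE and the VPN subnet 10.8.0.0/24 are assumptions.
SAMPLE = """\
:INPUT ACCEPT [0:0]
:CAPTIVE - [0:0]
-A INPUT -p udp -m udp --dport 53 -j CAPTIVE
-A CAPTIVE -s 192.168.0.0/24 -j ACCEPT
-A CAPTIVE -j DROP
"""
FIELDS = {"-i": "iface", "-p": "proto", "--dport": "dport"}

def parse(text):
    """Return (policies, chains) parsed from iptables-save text."""
    policies, chains = {}, {}
    for line in text.splitlines():
        if line.startswith(":"):        # chain declaration with its policy
            name, policy = line[1:].split()[:2]
            policies[name], chains[name] = policy, []
        elif line.startswith("-A "):    # rule made of option/value pairs
            tok = shlex.split(line)
            chains[tok[1]].append((line, dict(zip(tok[2::2], tok[3::2]))))
    return policies, chains

def matches(opts, pkt):
    """True if every match option of the rule accepts the packet."""
    for key, val in opts.items():
        if key == "-s":
            if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(val):
                return False
        elif key in FIELDS:
            if str(pkt[FIELDS[key]]) != val:
                return False
        elif key not in ("-j", "-m"):   # refuse to guess at unknown matches
            raise ValueError(f"unsupported match option {key}")
    return True

def decide(chain, pkt, policies, chains):
    """Return (verdict, deciding rule) for pkt, or None to fall back to caller."""
    for line, opts in chains[chain]:
        target = opts.get("-j")
        if target is None or not matches(opts, pkt):
            continue
        if target in ("ACCEPT", "DROP", "REJECT"):
            return target, line
        if target == "RETURN":
            break
        if (result := decide(target, pkt, policies, chains)):
            return result
    policy = policies[chain]
    return None if policy == "-" else (policy, f"policy of {chain}")
```

Feeding it the real `iptables-save` output from the Webserver and a packet dict for a VPN client shows the first rule that terminates that packet, which narrows down where to look in a long rule set.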