Private DNS resolver unable to resolve on-premises hosts.

Gomolemo 85 Reputation points
2025-12-02T15:35:47.7433333+00:00

Hi Everyone

I have set up a Private DNS Resolver with an inbound endpoint, and with this I am able to resolve Azure hosts from my on-premises hosts.

I have also set up an outbound endpoint and associated it with a forwarding ruleset for my on-premises domain with the on-premises DNS servers' IPs.

I can't resolve my on-premises hosts within Azure. Not sure what I am doing wrong here.

Can someone please assist?

Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.

2 answers

  1. Q&A Assist
    2025-12-02T15:36:59.11+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist.

    To resolve on-premises hosts from Azure using the Private DNS Resolver, ensure that the following configurations are correctly set up:

    1. Outbound Endpoint: Verify that your outbound endpoint is correctly configured and associated with the forwarding ruleset for your on-premises domain. This ruleset should specify the IP addresses of your on-premises DNS servers.
    2. Forwarding Ruleset: Check that the forwarding ruleset includes a rule for your on-premises domain (e.g., contoso.com) and that it is enabled. The destination IP address in the rule should point to your on-premises DNS server.
    3. Network Connectivity: Ensure that there is proper network connectivity between your Azure virtual network and your on-premises network. This may involve checking VPN or ExpressRoute configurations if applicable.
    4. DNS Settings: Make sure that your Azure resources (such as VMs) are configured to use the Private DNS Resolver for DNS queries. You should not change the DNS settings for your virtual network to use the inbound endpoint IP address directly; instead, leave the default DNS settings.
    5. Testing: You can test the resolution by issuing a DNS query from an Azure VM for a record in your on-premises domain. If the configuration is correct, it should resolve successfully.

    If you have checked all these configurations and are still facing issues, consider reviewing the logs for any errors or reaching out to Azure support for further assistance.


  2. Vallepu Venkateswarlu 1,235 Reputation points Microsoft External Staff Moderator
    2025-12-02T18:17:54.37+00:00

    Hi @Gomolemo,

    Welcome to Microsoft Q&A Platform.

    Azure VMs cannot resolve on-prem DNS names because the outbound DNS forwarding path is not fully configured. Per Microsoft’s “Traffic flow for a VM DNS query via DNS Private Resolver,” Azure DNS only forwards a query to the outbound endpoint when a forwarding rule exists, the ruleset is linked to the VNet, and the outbound subnet can reach the on-prem DNS servers.

    [Image: Architecture diagram that shows traffic with DNS Private Resolver when a spoke VM issues a DNS request.]

    After configuring the forwarding rule, VNet link, and ensuring connectivity (UDP/TCP 53) to on-prem DNS, Azure VMs will resolve on-prem names successfully.

    After completing all the steps, make sure to restart the VM and test the connectivity.

    Please “up-vote” wherever the information provided helps you; this can be beneficial to other community members.

    0 comments No comments
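The UDP/TCP 53 connectivity check that both answers call for, as an added example that is not part of either answer: a standard-library Python probe that sends one A-record query over each transport and reports the response code. The function names (`build_query`, `parse_header`, `probe`) are this example's own, and the server IP and host name are supplied by the operator.

```python
import socket
import struct
import sys

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode a standard recursive A-record query for `name`."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = b"".join(bytes([len(part)]) + part.encode("ascii")
                      for part in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(resp, qid=0x1234):
    """Return (rcode name, answer count, truncated flag) from a DNS response."""
    if len(resp) < 12:
        raise ValueError("short DNS response")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack(">HHHHHH", resp[:12])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a response to our query")
    return RCODES.get(flags & 0xF, str(flags & 0xF)), answers, bool(flags & 0x0200)

def probe(server, name, proto, timeout=3.0):
    """Send one query to server:53 over 'udp' or 'tcp'; summarise the outcome."""
    query = build_query(name)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                resp = s.recv(4096)
        else:
            with socket.create_connection((server, 53), timeout=timeout) as s, \
                    s.makefile("rb") as f:
                s.sendall(struct.pack(">H", len(query)) + query)  # 2-byte length prefix
                (length,) = struct.unpack(">H", f.read(2))
                resp = f.read(length)
        return parse_header(resp)
    except (OSError, ValueError, struct.error) as exc:
        # Timeout, refused connection, or malformed reply: the path is not usable.
        return (f"FAILED ({type(exc).__name__})", 0, False)

if __name__ == "__main__":
    # Usage: python3 dnsprobe.py <dns-server-ip> <host-name-to-resolve>
    server, name = sys.argv[1], sys.argv[2]
    for proto in ("udp", "tcp"):
        print(proto, probe(server, name, proto))
```

Run from an Azure VM against the on-premises DNS server IP, a `FAILED` result on either transport points at the network path (NSG, firewall, VPN or ExpressRoute routing), while `NXDOMAIN` or `REFUSED` means the server was reached and the problem is on the DNS side. The outbound endpoint's subnet needs the same reachability as the VM subnet this is run from.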
