Allow DNS over TCP

Co-authored-by: Thimo Limpert <[email protected]>
qbeyond · Apr 10, 2024 · 03c1063 · 03c1063
1 parent 616d585
commit 03c1063
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/main.tf b/main.tf
@@ -75,7 +75,7 @@ resource "azurerm_firewall_policy_rule_collection_group" "this" {
 
       rule {
         name                  = "allow-dc-to-dnsresolver-inbound"
-        protocols             = ["UDP"]
+        protocols             = ["UDP","TCP"]
         source_ip_groups      = var.ipg_onpremise_dc_id != null ? [var.ipg_azure_dc_id, var.ipg_onpremise_dc_id] : [var.ipg_azure_dc_id]
         destination_ip_groups = [var.ipg_dnsprivateresolver_id]
         destination_ports     = ["53"]