@Not able to create external trust in Azure ADDS,
The error states that you may not have DNS resolution working properly. I read through all the steps you mentioned and I think you may need to create a conditional forwarding in the DNS on the Azure AD DS side with your on-prem DCs as well for the webshot.ml zone, and make sure that incoming requests on port 53 are allowed on your on-premise DCs in VMware Workstation through the certificate VPN tunnel.
This should take care of your external trust issue. Please check the article https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/config-firewall-for-ad-domains-and-trusts for the list of ports which will need to be open in your case, allowing the incoming requests. Since you have been able to get the incoming trust working on the on-prem side, I think you would not have an issue with ports and they should be open through your VPN tunnel. In all probability it is a DNS error as per the details provided by you. I think setting up conditional forwarding on the DNS as suggested will make it work for you. Do let us know in case you still get any other error and we will continue to help you.
Thank you.
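The check and fix suggested in the answer above, as an added PowerShell example that is not part of the original answer. It assumes a management VM joined to the managed domain with the RSAT DNS tools installed; the IP addresses and the DNS server name are placeholders, and only the zone name `webshot.ml` comes from the thread.

```powershell
# Added example: verify DNS reachability over the VPN tunnel, then create the
# conditional forwarder for the on-prem zone on the Azure AD DS side.
# Placeholders (assumptions, not from the thread): $OnPremDcIps, $ManagedDns.
$Zone        = 'webshot.ml'                   # on-prem zone named in the answer
$OnPremDcIps = @('192.0.2.10', '192.0.2.11')  # placeholder on-prem DC addresses
$ManagedDns  = 'PLACEHOLDER-AADDS-DNS'        # placeholder managed-domain DNS server

# 1. Is port 53 on each on-prem DC reachable through the tunnel?
#    Test-NetConnection covers TCP; the direct SOA query exercises UDP.
foreach ($ip in $OnPremDcIps) {
    $tcp = Test-NetConnection -ComputerName $ip -Port 53 -WarningAction SilentlyContinue
    $soa = Resolve-DnsName -Name $Zone -Type SOA -Server $ip -DnsOnly -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Server           = $ip
        Tcp53Open        = $tcp.TcpTestSucceeded
        DnsQueryAnswered = [bool]$soa
    }
}

# 2. Create the conditional forwarder only if the zone is not already defined.
$existing = Get-DnsServerZone -ComputerName $ManagedDns -Name $Zone -ErrorAction SilentlyContinue
if (-not $existing) {
    Add-DnsServerConditionalForwarderZone -ComputerName $ManagedDns `
        -Name $Zone -MasterServers $OnPremDcIps
}

# 3. Confirm the DC locator record for the on-prem domain now resolves
#    through the managed domain's DNS, which is what trust creation relies on.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Zone" -Type SRV -Server $ManagedDns -DnsOnly |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object NameTarget, Port
```

If step 1 shows `Tcp53Open` or `DnsQueryAnswered` as false for a DC, the tunnel or the on-prem firewall is blocking DNS and the forwarder in step 2 will not resolve anything until that is fixed.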