Hello @MS Techie,
Welcome to the Microsoft Q&A Platform. Thank you for reaching out, and I hope you are doing well.
I understand that you have Azure-to-on-premises connectivity via ExpressRoute and have created private endpoints for Azure resources for a secured connection; however, your on-premises servers are not able to resolve the private endpoint FQDN to the private IP, and you would like to know how to fix it.
For on-premises workloads to resolve the FQDN of a private endpoint, use a DNS forwarder to resolve the Azure service public DNS zone in Azure. A DNS forwarder is a Virtual Machine running on the Virtual Network linked to the Private DNS Zone that can proxy DNS queries coming from other Virtual Networks or from on-premises. This is required because the query must originate from the Virtual Network to Azure DNS. A few options for DNS proxies are: Windows running DNS services, Linux running DNS services, and Azure Firewall.
If you check the table in the "Name resolution for resources in Azure virtual networks" article, you can find the following:
https://video2.skills-academy.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances
Currently, there is no other way to accomplish this requirement, as conditional forwarding isn't natively supported for Azure Private DNS, but Azure Private DNS Zone resolution from on-premises is planned and is on the roadmap. You can vote for this feature in the forum below:
https://feedback.azure.com/d365community/idea/f50bd7e3-8526-ec11-b6e6-000d3a4f0789
Hence, at the moment, you need to configure your on-premises DNS solution to forward DNS traffic to Azure DNS via a conditional forwarder that references the DNS forwarder deployed in Azure.
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" below if the information helped you. This will help us and others in the community as well.
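As an added illustration of the two-hop forwarding chain the answer describes (not part of the original answer), the script below renders BIND 9 configuration fragments for both sides: the forwarder VM inside the VNet, which sends every query to Azure DNS, and the on-premises server, which conditionally forwards the privatelink zone to that VM. All address ranges, the zone name and the VM IP are constructed placeholders; 168.63.129.16 is Azure's fixed recursive resolver address, reachable only from inside the VNet. A Windows DNS server on-premises would use an equivalent conditional forwarder zone instead of the BIND stanza.

```shell
#!/bin/sh
# Added example (not from the Q&A answer): render BIND 9 config fragments for
# the Azure-side DNS forwarder VM and the on-premises conditional forwarder.
# All CIDRs, the VM IP and the zone name are constructed placeholders.

AZURE_DNS_IP="168.63.129.16"   # Azure-provided resolver, answers only from inside the VNet

# 1) Azure-side DNS forwarder VM: forward everything to Azure DNS so that
#    queries for the privatelink zone are answered from the linked Private DNS Zone.
#    $1 = on-premises CIDR, $2 = VNet CIDR allowed to query this forwarder
azure_forwarder_conf() {
  cat <<EOF
options {
    directory "/var/cache/bind";
    recursion yes;
    allow-query { $1; $2; };      # keep the forwarder closed to untrusted ranges
    forwarders { ${AZURE_DNS_IP}; };
    forward only;
};
EOF
}

# 2) On-premises DNS server: conditional forwarder for one privatelink zone,
#    pointing at the forwarder VM's private IP (reached over ExpressRoute).
#    The public FQDN (e.g. mystorage.blob.core.windows.net) CNAMEs into this
#    zone, so only the privatelink zone needs the conditional forwarder.
#    $1 = privatelink zone, $2 = forwarder VM private IP
onprem_conditional_forwarder_conf() {
  cat <<EOF
zone "$1" {
    type forward;
    forward only;
    forwarders { $2; };
};
EOF
}

# Render both fragments for the storage blob privatelink zone (placeholder values).
render_example() {
  azure_forwarder_conf "192.168.0.0/16" "10.1.0.0/16"
  onprem_conditional_forwarder_conf "privatelink.blob.core.windows.net" "10.1.0.4"
}

render_example
```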