[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] How do automatically set a new nameserver using OpenVPN 2.0rc6 on Mac OSX?

  • Subject: [Openvpn-users] How do automatically set a new nameserver using OpenVPN 2.0rc6 on Mac OSX?
  • From: Tim Bruijnzeels <tim.bruijnzeels@xxxxxxxxxxxxxxxxxx>
  • Date: Tue, 11 Jan 2005 18:30:09 +0100


I have the following problem:

I am using OpenVPN 2.0rc6 with lzo-1.8.0 on a Mac (OSX v.10.3.7) using Matthias Nissler's Tun/Tap driver (http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ <http://www-user.rhrk.uni-kl.de/%7Enissler/tuntap/> see install notes for mac) to connect as a client to a Linux OpenVPN server.

Connecting to the VPN seems to work fine, but for name resolution. My machine still wants to use the old nameserver it got via DHCP from the network it was connected to; this is a problem as I need to be able to resolve names that exist in the internal network only. I know for windows clients it's possible to specify your new (internal) nameserver using:
dhcp-option DNS xxx.xxx.xxx.xxx

But this does not work for Mac.

I have tried using:
push dhcp-option DNS xxx.xxx.xxx.xxx

On the server to coerce clients to use this as their new nameserver, but this didn't work either.

I can access the new nameserver over the VPN however: dig @xxx.xxx.xxx.xxx works fine. So, if I manually edited /etc/resolv.conf to point to the new nameserver I get better results from the commandline (dig works without @..). But my applications (thunderbird, safari, etc.) refuse to use the new nameserver settings then. Pointing my email client to my mailserver' s internal ip-address instead of its name works fine.
Manually changing /etc/resolv.conf is not something I like to do. It seems it doesn't even do the job :(. But in the light of troubleshooting...

So my question is: is there any way to make my mac correctly use a new nameserver upon connecting? Preferably automatic, and preferably reverting to the old nameserver when I disconnect. Much like what's implemented for windows clients.

An excerpt of my config-file follows below..

Thanks for your help,

Tim Bruijnzeels

--------------- client config-file --------
port 5000
dev tun
remote fully.qualified.domain.name
ca    /path/to/ca.crt
cert /path/to/my.crt
key  /path/to/my.key
dh   /path/to/dh.pem
dhcp-option DNS xxx.xxx.xxx.xxx
ping 10
ping-restart 20
resolv-retry 1800
verb 4

The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Openvpn-users mailing list