[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Pushing DNS to Linux


  • Subject: Re: [Openvpn-users] Pushing DNS to Linux
  • From: "John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 14 Apr 2006 10:22:33 -0400

Thank you and we could indeed do so.  But we were hoping for something
simpler and similar to our experience in Windows where the DNS is
altered only during the VPN session.  This is important since the user
does not connect regularly - John

On Fri, 2006-04-14 at 14:57 +0200, BlaaT 0001 wrote:
> Hello John,
> 
> I have zero experience in running a Linux OpenVPN client so don't take
> my word for it.
> 
> Could you not simply add the DNS server to /etc/resolv.conf on the
> client? Resolving might be a bit slow though.
> 
> Perhaps use a CCD for the client to statically configure the IP of the
> client on the server side and than still use DHCP on the client?
> 
> UP / DOWN script on the Linux client to add / remove the DNS server to
> /etc/resolv.conf?
> 
> Cheers,
> 
> BlaaT
> 
> 
> On 4/14/06, John A. Sullivan III <jsullivan@xxxxxxxxxxxxxxxxxxx> wrote:
> > Pushing DNS to windows clients who are DHCP configured is working
> > perfectly fine.  However, I have one Linux user who uses a fixed IP
> > address and thus fixed DNS (resolv.conf file).  This Linux user does not
> > appear to use the pushed DNS when they connect.  Is this because the
> > user is not using DHCP for their LAN connection, because they are using
> > Linux rather than Windows or because I have misconfigured? I am running
> > openvpn 2.1 beta 8 I believe.
> >
> > Here is the server configuration file:
> >
> > port 11194
> > proto udp
> > dev tun12
> > key /etc/ipsec.d/private/vpn1dc1k.pem
> > cert /etc/ipsec.d/certs/vpn1dc1c.pem
> > ca /etc/ipsec.d/cacerts/AtlasCA.pem
> > crl-verify /etc/ipsec.d/crls/AtlasCRL.pem
> > dh /etc/openvpn/certs/dh5.pem
> > server 172.26.206.192 255.255.255.192
> > topology subnet
> > ifconfig-pool-persist ipp.txt
> > #push "redirect-gateway def1"
> > push "route 172.26.207.0 255.255.255.0"
> > push "route 172.26.204.0 255.255.255.0"
> > push "dhcp-option DNS 172.26.207.13"
> > client-connect /etc/openvpn/clientconn.script
> > client-disconnect /etc/openvpn/clientdisconn.script
> > keepalive 10 120
> > tls-auth /etc/openvpn/tlsauthatlas 0
> > comp-lzo
> > status /var/log/openvpn/openvpn-status.log
> > log-append  /var/log/openvpn/openvpn.log
> > verb 3
> > #fragment 1400
> > #mssfix
> > passtos
> > management 127.0.0.1 11194 /etc/openvpn/mgmtfile
> >
> > --
> > John A. Sullivan III
> > Open Source Development Corporation
> > +1 207-985-7880
> > jsullivan@xxxxxxxxxxxxxxxxxxx
> >
> > Financially sustainable open source development
> > http://www.opensourcedevel.com
> >
> >
> >
> > -------------------------------------------------------
> > This SF.Net email is sponsored by xPML, a groundbreaking scripting language
> > that extends applications into web and mobile media. Attend the live webcast
> > and join the prime developer group breaking into this new coding territory!
> > _______________________________________________
> > Openvpn-users mailing list
> > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> >
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

Financially sustainable open source development
http://www.opensourcedevel.com


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users