DNS queries through established client access tunnel

gopher49
OpenVpn Newbie
Posts: 4
Joined: Sun Oct 09, 2011 4:43 am

DNS queries through established client access tunnel

Post by gopher49 » Sun Oct 16, 2011 3:53 pm

I set up openvpn on a clean install of Ubuntu v10. I got my Ubuntu install to resolve correctly in regards to local domain queries by adding the syntax 'domain mydomain.local' to the resolv.conf file. I did this to my other Linux servers and they can now run queries to my Windows 2008 DNS server. Now, when a client connects to my VPN I get the same symptoms I had prior to adding 'domain mydomain.local'. How do I push DNS settings to my VPN clients to where they resolve my local DNS server properly?

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: DNS queries through established client access tunnel

Post by janjust » Mon Oct 17, 2011 7:14 am

Windows clients will automatically pick up DNS settings pushed out using

    push "dhcp-option DNS <IP>"

Sometimes it is necessary to add

    register-dns

to the Windows client config to make sure Windows picks up the new DNS server.

gopher49
OpenVpn Newbie
Posts: 4
Joined: Sun Oct 09, 2011 4:43 am

Re: DNS queries through established client access tunnel

Post by gopher49 » Tue Oct 18, 2011 3:05 am

I already had the push DNS option enabled. I also added the register-dns command to my openvpn client. Still no luck... I get the below error:

C:\Users\user>nslookup appserver1
Server: UnKnown
Address: 192.168.160.5

*** UnKnown can't find appserver1: No response from server

I can't ping it either.

gopher49
OpenVpn Newbie
Posts: 4
Joined: Sun Oct 09, 2011 4:43 am

Re: DNS queries through established client access tunnel

Post by gopher49 » Tue Oct 18, 2011 3:12 am

Also,

The last symptoms I sent are when trying to query a local Linux DNS server. When trying to run queries against my Windows DNS server it gives me a response but it forwards the requests to my external DNS server for it can't resolve them locally....

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: DNS queries through established client access tunnel

Post by janjust » Tue Oct 18, 2011 6:29 am

Without more info about your VPN and network setup it is impossible to tell what is happening.
Is the 160.5 address the VPN IP address of the DNS server? Is routing established correctly? The fact that you also cannot ping this address suggests that you first have to solve a routing issue.
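
The routing question raised above can be checked mechanically from the server config. The following is an added example, not part of the original thread and not OpenVPN's own tooling: it reports any DNS server pushed with dhcp-option DNS that no pushed route, the VPN subnet, or redirect-gateway would send through the tunnel. The function name check_pushed_dns, the sample subnets and the assumption that routes are written as literal IPv4 addresses are all hypothetical.

```python
import ipaddress
import re

# Constructed sample config: only 192.168.160.5 comes from the thread;
# the VPN subnet and LAN route are assumptions for illustration.
SAMPLE_CONFIG = """
server 10.8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.160.5"
"""

PUSH_RE = re.compile(r'^push\s+"([^"]+)"')


def check_pushed_dns(config_text):
    """Map each pushed DNS server to None (routed via the VPN) or a problem string."""
    networks, dns_servers, redirect_all = [], [], False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        tokens = line.split()
        if tokens[0] == "server" and len(tokens) >= 3:
            # The VPN subnet itself is always reachable by clients.
            networks.append(ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}"))
            continue
        match = PUSH_RE.match(line)
        if not match:
            continue
        opt = match.group(1).split()
        if opt[0] == "redirect-gateway":
            redirect_all = True                   # all client traffic uses the tunnel
        elif opt[0] == "route" and len(opt) >= 2:
            mask = opt[2] if len(opt) > 2 else "255.255.255.255"
            networks.append(ipaddress.ip_network(f"{opt[1]}/{mask}", strict=False))
        elif opt[:2] == ["dhcp-option", "DNS"] and len(opt) >= 3:
            dns_servers.append(ipaddress.ip_address(opt[2]))
    report = {}
    for dns in dns_servers:
        routed = redirect_all or any(dns in net for net in networks)
        report[str(dns)] = None if routed else f"no pushed route covers {dns}"
    return report


if __name__ == "__main__":
    for server, problem in check_pushed_dns(SAMPLE_CONFIG).items():
        print(server, "->", problem or "routed through the tunnel")
```

A clean result only shows that the client will send its queries into the tunnel; the DNS host still needs a return route to the VPN subnet and must accept queries from it.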

gopher49
OpenVpn Newbie
Posts: 4
Joined: Sun Oct 09, 2011 4:43 am

Re: DNS queries through established client access tunnel

Post by gopher49 » Tue Oct 18, 2011 1:49 pm

It's now working... I've been testing it against two different DNS servers. Your register-dns statement in the client config got it working on my Windows DNS server. My Linux DNS server still doesn't answer requests through the tunnel.

Now,

What am I missing in my BIND config to not allow requests from the VPN network? Is it a security setting maybe? On my local LAN any of the hosts can query the Linux DNS server. Also, I'm able to ping the Linux box just fine through the network. I'm running IPtables on my Linux box but it's just being used for routing and to my knowledge no firewall rules are enabled.
