DNS queries through established client access tunnel

Posted: Sun Oct 16, 2011 3:53 pm
by gopher49
I set up openvpn on a clean install of Ubuntu v10. I got my Ubuntu install to resolve correctly in regards to local domain queries by adding the syntax 'domain mydomain.local' to the resolv.conf file. I did this to my other Linux servers and they can now run queries to my Windows 2008 DNS server. Now, when a client connects to my VPN I get the same symptoms I had prior to adding 'domain mydomain.local'. How do I push DNS settings to my VPN clients to where they resolve my local DNS server properly?

Re: DNS queries through established client access tunnel

Posted: Mon Oct 17, 2011 7:14 am
by janjust
Windows clients will automatically pick up DNS settings pushed out using

push "dhcp-option DNS <IP>"
Sometimes it is necessary to add

register-dns
to the Windows client config to make sure Windows picks up the new DNS server.

Re: DNS queries through established client access tunnel

Posted: Tue Oct 18, 2011 3:05 am
by gopher49
I already had the push DNS option enabled. I also added the register-dns command to my openvpn client. Still no luck... I get the below error:

C:\Users\user>nslookup appserver1
Server: UnKnown
Address: 192.168.160.5

*** UnKnown can't find appserver1: No response from server

I can't ping it either.

Re: DNS queries through established client access tunnel

Posted: Tue Oct 18, 2011 3:12 am
by gopher49
Also,

The last symptoms I sent are when trying to query a local Linux DNS server. When trying to run queries against my Windows DNS server it gives me a response but it forwards the requests to my external DNS server for it can't resolve them locally...

Re: DNS queries through established client access tunnel

Posted: Tue Oct 18, 2011 6:29 am
by janjust
Without more info about your VPN and network setup it is impossible to tell what is happening.
Is the 160.5 address the VPN IP address of the DNS server? Is routing established correctly? The fact that you also cannot ping this address suggests that you first have to solve a routing issue.

Re: DNS queries through established client access tunnel

Posted: Tue Oct 18, 2011 1:49 pm
by gopher49
It's now working... I've been testing it against two different DNS servers. Your register-dns statement in the client config got it working on my Windows DNS server. My Linux DNS server still doesn't answer requests through the tunnel.

Now,

What am I missing in my BIND config to not allow requests from the VPN network? Is it a security setting maybe? On my local LAN any of the hosts can query the Linux DNS server. Also, I'm able to ping the Linux box just fine through the network. I'm running IPtables on my Linux box but it's just being used for routing and to my knowledge no firewall rules are enabled.
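
Added example, not part of the thread or any poster's code: a small Python probe, run from a connected VPN client, that separates the two situations discussed above. One is no reply at all (the routing or filtering case janjust raises). The other is a reply in which the server refuses or fails to answer. The script name `dnsprobe.py` and all function names are hypothetical.

```python
import socket
import struct
import sys

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """Build a minimal DNS A/IN query (RFC 1035) with the RD bit set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def classify(reply, txid=0x1234):
    """Turn a raw UDP reply (None = timed out) into a one-line finding."""
    if reply is None:
        return "TIMEOUT: no reply reached us; check routes and packet filters first"
    if len(reply) < 12:
        return "MALFORMED: shorter than a DNS header"
    rid, flags, _qd, ancount = struct.unpack("!HHHH", reply[:8])
    if rid != txid or not flags & 0x8000:  # wrong ID or QR bit clear
        return "MALFORMED: not a response to our query"
    code = flags & 0x000F
    rcode = RCODES.get(code, "RCODE%d" % code)
    if rcode == "REFUSED":
        return "REFUSED: server reachable but declines to answer this client"
    return "%s: server answered with %d record(s)" % (rcode, ancount)

def probe(server, name, timeout=3.0):
    """Send one query over UDP/53 and classify whatever comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(name), (server, 53))
            reply, _addr = sock.recvfrom(512)
        except socket.timeout:
            reply = None
    return classify(reply)

if __name__ == "__main__":
    # Usage: python dnsprobe.py <dns-server-ip> <hostname>
    if len(sys.argv) != 3:
        sys.exit("usage: dnsprobe.py <dns-server-ip> <hostname>")
    print(probe(sys.argv[1], sys.argv[2]))
```

A TIMEOUT result points at the path between the VPN subnet and the DNS server (including the server's route back to the VPN subnet), while REFUSED or SERVFAIL means packets arrive and the DNS server's own configuration is the place to look.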