Hello,
I have set up OpenVPN before without any problems but this time I'm having at least DNS problems on the client.
In NAT mode the desktop client can connect and I can ping and successfully connect to things by IP but when I run nslookup it reports that the default DNS server is "Unknown" and lookups fail (although if I explicitly specify the correct DNS server the query is rejected anyway). Meaning nothing with hostnames will work.
In Bridged mode (which is what I really want) the desktop client connects but I cannot ping anything and nslookup won't even really run because it looks like it's failing to find a suitable DNS server.
The same behavior is exhibited by two different Windows 7 laptops as clients.
The only difference between my previous install and the new failed install is that with the new install, the vpn server has two NICs, one for the IntErnet and one for the IntrAnet. Whereas with the working install the server has one NIC and I use port forwarding on the ISP modem to direct traffic to and from the internal vpn server. So the broken vpn settings are for eth1 which is the IntErnet and so it seems the vpn daemon is totally unaware of eth0 which is the IntrAnet I'm trying to bridge clients into.
Also, note that the vpn server is also the DNS server for the IntrAnet (listening on eth0 and lo but not eth1). So the server is the gateway, firewall, vpn server and DNS.
So can you use OpenVPN in this scenario? If so, how?
Any help would be much appreciated.
Mike
dual interfaces on server trickiness
Moderators: TinCanTech
-
- OpenVpn Newbie
- Posts: 1
- Joined: Mon Aug 15, 2011 6:05 am
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
Re: dual interfaces on server trickiness
> In NAT mode the desktop client can connect and I can ping and successfully connect to things by IP but when I run nslookup it reports that the default DNS server is "Unknown" and lookups fail (although if I explicitly specify the correct DNS server the query is rejected anyway). Meaning nothing with hostnames will work.

Is the right DNS server pushed out to the clients? Is the setting picked up correctly by the clients? Does the DNS server have a valid hostname associated with it? Some clients refuse to use DNS servers that themselves do not have a host name.

> So can you use OpenVPN in this scenario? If so, how?

Yes, this is possible using bridging: bridge eth0 and tap0 and configure openvpn to use 'server-bridge' + 'dev tap0'.
- Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: dual interfaces on server trickiness
> and lookups fail (although if I explicitly specify the correct DNS server the query is rejected anyway)

Looks like access is lacking on bind. See the settings for bind where:
allow-query { ??? };
allow-query-cache { ??? };
Use this howto for how to bridge: http://www.openvpn.net/index.php/open-s ... dging.html
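
An added example, not part of the posts above and not the original poster's configuration: one way the two `allow-query` lists could be filled in for this dual-NIC layout, so that BIND answers intranet and VPN clients but nothing that arrives on eth1. The ACL name and every address are assumptions: 192.168.1.0/24 stands for the intranet on eth0, 192.168.1.1 for the server's intranet address, and 10.8.0.0/24 for the tunnel subnet used in NAT (routed) mode.

```conf
// named.conf fragment (constructed example; all addresses are assumptions)
//
//   192.168.1.0/24  intranet behind eth0; bridged tap clients get addresses here
//   192.168.1.1     this server's intranet address (moves to br0 once eth0 and tap0 are bridged)
//   10.8.0.0/24     OpenVPN tunnel subnet handed out in routed (NAT) mode
//
// In routed mode a client's query reaches BIND with a 10.8.0.x source address.
// If that subnet is missing from the lists below, BIND rejects the query even
// when the client names the correct DNS server explicitly.

acl "trusted" {
    127.0.0.1;
    192.168.1.0/24;
    10.8.0.0/24;
};

options {
    // Listen on loopback and the intranet address only, never on the
    // Internet-facing address of eth1.
    listen-on { 127.0.0.1; 192.168.1.1; };

    // Authoritative answers, cached answers and recursion are all limited
    // to the same set of clients, so the box cannot act as an open resolver.
    allow-query       { trusted; };
    allow-query-cache { trusted; };
    allow-recursion   { trusted; };
};

// Matching line in the OpenVPN server config so clients learn this resolver:
//   push "dhcp-option DNS 192.168.1.1"
```

After reloading BIND, `nslookup <hostname> 192.168.1.1` from a connected client should return an answer instead of a rejection; on the server, firewall rules still need to permit port 53 from the tunnel or bridge interface.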