Connecting with client using CentOS7

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
zaza_b
OpenVpn Newbie
Posts: 1
Joined: Sun Aug 27, 2017 4:22 pm

Connecting with client using CentOS7

Post by zaza_b » Sun Aug 27, 2017 4:34 pm

Hi
CentOS Linux release 7.3.1611 (Core)
OpenVPN 2.4.3 x86_64-redhat-linux-gnu
Installed using EPEL repository,

Issue is that after connection OpenVPN can't resolve any domain in Private network
I suppose because can't make any changes in resolv.conf ?

I've seen a small note..:
When a Linux/Unix client is used with Access Server, the Access Server is unable to alter the DNS settings on the client in question.

Nice that you lads did notice it :)
But what about some recomended solution ? :)

Regards

User avatar
novaflash
OpenVPN Inc.
Posts: 1073
Joined: Fri Apr 13, 2012 8:43 pm

Re: Connecting with client using CentOS7

Post by novaflash » Tue Sep 05, 2017 8:39 am

You probably have already found the answer with a quick Google, but basically, the situation is that on Windows, Macintosh, iOS, and Android, the method to implement a DNS server is pretty much a fixed method, meaning there's a limited number of ways of doing it on those platforms and you can be pretty sure that when you use that method, it will work for pretty much everyone that uses those platforms.

On Linux, there are a few different methods available, as there are also a ton of different Linux versions/distributions out there that can be wildly different, and you cannot count on one method working for all these different versions. So instead, this function is left out.

However on most platforms you can use or install resolvconf, a package meant for dealing with DNS configuration. Some open source OpenVPN installations on Linux come bundled with a script usually stored in /etc/openvpn/ that is designed to update resolvconf DNS configuration with new settings received from OpenVPN. Usually this means adding instructions to your configuration file that when the connection goes up, that script has to be called (to implement new DNS servers), and likewise when the connection goes down, that script has to be called again (to undo the changes made). Usually that means implementing 3 lines like these;

script-security 2
up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh

That will usually do the trick. You can find more info here, which I just found with a quick Google search;
https://github.com/masterkorp/openvpn-u ... esolv-conf

Good luck.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.

klanimantsi
OpenVpn Newbie
Posts: 13
Joined: Mon Sep 04, 2017 9:00 am

Re: Connecting with client using CentOS7

Post by klanimantsi » Tue Sep 05, 2017 10:05 am

novaflash wrote:You probably have already found the answer with a quick Google, but basically, the situation is that on Windows, Macintosh, iOS, and Android, the method to implement a DNS server is pretty much a fixed method, meaning there's a limited number of ways of doing it on those platforms and you can be pretty sure that when you use that method, it will work for pretty much everyone that uses those platforms.

On Linux, there are a few different methods available, as there are also a ton of different Linux versions/distributions out there that can be wildly different, and you cannot count on one method working for all these different versions. So instead, this function is left out.

However on most platforms you can use or install resolvconf, a package meant for dealing with DNS configuration. Some open source OpenVPN installations on Linux come bundled with a script usually stored in /etc/openvpn/ that is designed to update resolvconf DNS configuration with new settings received from OpenVPN. Usually this means adding instructions to your configuration file that when the connection goes up, that script has to be called (to implement new DNS servers), and likewise when the connection goes down, that script has to be called again (to undo the changes made). Usually that means implementing 3 lines like these;

script-security 2
up /etc/openvpn/update-resolv-conf.sh
down /etc/openvpn/update-resolv-conf.sh

That will usually do the trick. You can find more info here, which I just found with a quick Google search;
https://github.com/masterkorp/openvpn-u ... esolv-conf

Good luck.
Couldn't have said it better myself

User avatar
novaflash
OpenVPN Inc.
Posts: 1073
Joined: Fri Apr 13, 2012 8:43 pm

Re: Connecting with client using CentOS7

Post by novaflash » Tue Sep 05, 2017 10:18 am

Couldn't have said it better myself
Don't be so modest, I'm sure you could have added some funny anecdotes or unicorns or such, surely!
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.

Post Reply