what "extra server-side scripting" is required for [1]

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech



Post by shmick » Tue Aug 13, 2013 3:07 pm

[1]
https://openvpn.net/index.php/open-sour ... l#redirect

in my case (non-Windows), what scripting needs to be done on the server to allow "non-Windows clients with some extra server-side scripting"?

when making dns queries from the client, and tracing from the server, the IP of the server (its LAN IP, not the openvpn virtual subnet IP) makes the dns query back to the (client's) mobile broadband provider's default dns servers - bad.

why is this?

i need to make dns requests from clients go to the openvpn server, which is set up using unbound and dnscrypt - which rules achieve that?

setup:
server running 2.3.2 from ovpn repos on mint/ubuntu amd-64
server running unbound listening on 127.0.0.1:53 forwarding requests to dnscrypt-proxy on 127.0.0.1:2053
iptables default deny policy
eth0 connection is configured for dns servers on 127.0.0.1 and ::1
client on android running openvpn settings app (using openvpn 2.1.4 i686 from my 2.3.7 phone)

server:
port 1194
proto udp
dev tun
ca ..............crt
cert ...........crt
key ...........key
dh dh2048.pem
server 10.23.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 77.109.138.45"
keepalive 10 30
tls-auth tlsauth.key 0
cipher BF-CBC
comp-lzo
max-clients 10
persist-key
persist-tun
status openvpn-status.log
verb 4
mute 20
auth-nocache
script-security 2
crl-verify crl.pem

client:
client
dev tun
proto udp
remote ................ 1194
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
remote-cert-tls server
tls-auth tlsauth.key 1
ca ...........crt
cert ...........crt
key ............key
comp-lzo yes
cipher BF-CBC
script-security 2
verb 4
keepalive 15 60
auth-nocache
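
An added example (not part of shmick's post and not OpenVPN's own tooling): a Python check that parses the DNS-relevant lines of the server config above and reports whether each pushed DNS address lies inside the `server` subnet. The function name `audit_pushed_dns` and the embedded sample are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed sample: the DNS-relevant lines copied from the server config above.
SERVER_CONF = """\
server 10.23.0.0 255.255.0.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 77.109.138.45"
"""


def audit_pushed_dns(conf_text):
    """Return (server_tunnel_ip, [(pushed_dns_ip, is_inside_tunnel_subnet), ...])."""
    tunnel = None
    pushed = []
    for raw in conf_text.splitlines():
        if raw.lstrip().startswith(";"):  # OpenVPN also accepts ';' comment lines
            continue
        # shlex drops '#' comments and keeps the quoted push argument as one token
        tokens = shlex.split(raw, comments=True)
        if not tokens:
            continue
        if tokens[0] == "server" and len(tokens) >= 3:
            tunnel = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}")
        elif tokens[0] == "push" and len(tokens) >= 2:
            opt = tokens[1].split()
            if len(opt) >= 3 and opt[0] == "dhcp-option" and opt[1].upper() == "DNS":
                pushed.append(ipaddress.ip_address(opt[2]))
    if tunnel is None:
        raise ValueError("no 'server <network> <netmask>' directive found")
    # The 'server' directive assigns the first address of the subnet to the server.
    server_ip = tunnel.network_address + 1
    return str(server_ip), [(str(ip), ip in tunnel) for ip in pushed]


if __name__ == "__main__":
    server_ip, findings = audit_pushed_dns(SERVER_CONF)
    for dns, inside in findings:
        where = "inside the tunnel subnet" if inside else "OUTSIDE the tunnel subnet"
        print(f"pushed DNS {dns}: {where} (server tunnel address is {server_ip})")
```

A result of `True` only says the pushed address is reached through the tunnel; the resolver must also be listening on that address, and the unbound instance described in the post listens on 127.0.0.1:53.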
