Local DNS resolving
Posted: Mon Feb 26, 2024 3:28 pm
Hi,
I've been asked to make a POC for using OpenVPN with Ubiquiti for remote users.
There are a few routes that need to go through the VPN.
And, each user must still be able to access his own (Home) network and DNS (not company side) for resolving IP to hostnames. (requirement).
With DNS, I'm not referring to internet DNS like 1.1.1.1 ; 8.8.8.8 ; but something like 192.168.x.y / 172.16.x.y / 10.x.y.z on het home network of the remote user.
I also disabled "redirect-gateway def1" so local (home) IP is reachable.
My current ovpn file configuration:
What line/rule must I add so that both Server DNS and local (Home/remote user) both are available? This as each remote users' network can be/is configured differently. All systems or either Mac or Windows.
So far, I'm able to reach the network(s) on the remote site (server/office), and I'm able to ping my local (home) network (ex my personal printer), but the DNS hostname of my printer can't be resolved as only the remote VPN DNS server is listed.
Thanks for the help.
Geert
I've been asked to make a POC for using OpenVPN with Ubiquiti for remote users.
There are a few routes that need to go through the VPN.
And, each user must still be able to access his own (Home) network and DNS (not company side) for resolving IP to hostnames. (requirement).
With DNS, I'm not referring to internet DNS like 1.1.1.1 ; 8.8.8.8 ; but something like 192.168.x.y / 172.16.x.y / 10.x.y.z on het home network of the remote user.
I also disabled "redirect-gateway def1" so local (home) IP is reachable.
My current ovpn file configuration:
Code: Select all
client
dev tun
proto tcp
remote <VPN_IP_ADDRESS> <PORT>
resolv-retry infinite
nobind
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup
persist-key
persist-tun
auth-user-pass
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
verb 3
auth SHA1
key-direction 1
reneg-sec 0
#redirect-gateway def1
route x.y.z.0 255.255.255.0
... cert info ...
So far, I'm able to reach the network(s) on the remote site (server/office), and I'm able to ping my local (home) network (ex my personal printer), but the DNS hostname of my printer can't be resolved as only the remote VPN DNS server is listed.
Thanks for the help.
Geert