Menu
▾
▴
Re: [Openvpn-users] How to use dns to resolv some hostname at VPN clients?
|
From: Jan J. K. <ja...@ni...> - 2010-01-27 10:19:31
|
Hi Daniel, Daniel Louvier wrote: > Ok, sorry. > > I'm going to explaint it better. > > I have a VPN wich with two servers connected there. I want to connect > to that VPN Network from any remote location, installing VPN at clients. > > Now, if i want to access to that server, i must to put their IP > address to enter, and i want to change this to access to server using > a domain name. > > "no-resolv > address=/servername.vpn.domain.com/192.168.252.10 > <http://servername.vpn.domain.com/192.168.252.10>" > > Ok, lets go to clients now: > > First i tried with Ubuntu, i tried to ping IP address where are > installed dnsmasq, it works!, later, i edited my client ubuntu > /etc/resolv.conf and added after the content nameserver 192.168.252.1, > and i tried to nsloopuk any server domain at vpn, DON'T WORK, i > changed the position of nameserver 192.168.252.1 to first position, > and the resolution of the name WORKS!, BUT, only resolv the name who > know that dnsmasq, and don't try to resolv using the rest of > nameserver of /etc/resolv.conf > Sounds like you're looking for split-DNS . What you're trying now will not work. That's not how name resolving works : name resolving picks the first working DNS server and queries it; if that server returns 'address not found' then the resolver does NOT proceed to the next name server ; for that you'll need a more complicated DNS setup, but that is off-topic for this openvpn list > Now, Windows. I connect using OpenVPN gui, when it's ready, i'm going > to Network Config, check details from VPN Adapter (TAP0) and it's > appear the nameserver 192.168.252.1 (appear to be correct), but, if i > try to nslookup any domain of my vpn (server1.vpn.domain.com > <http://server1.vpn.domain.com> for example), don't work and appear > this message "*** Can't find server name for address 192.168.252.1 > <http://192.168.252.1>: Query refused" > > That message seem that, 192.168.252.1 is not a valid nameserver, but > the resolution works with ubuntu (not totally, but work). > > err, if windows refuses to use a domain server for which it itself cannot find a name then that's a Windows issue... again, off-topic for the openvpn list. Your best bet is to make sure that the address 192.168.252.1 resolves on windows , either by adding this address to the DNS server itself or by temporarily adding this IP and a name to the local Windows host file. HTH, JJK > For that, where i have installed OpenVPN as server, i installed > dnsmasq, at his config file i added: > > address= > > 2010/1/27 Jan Just Keijser <ja...@ni... <mailto:ja...@ni...>> > > Hi, > > Daniel Louvier wrote: > > Hello, > > I have a VPN (using a OpenVPN as bridged). Clients got IP by > OpenVPN dhcp and i trying that OpenVPN give to theirs a valid > dns server to resolv some hostname that are at VPN network, > but use his respective DNS to resolv any other domain. > > I changed /etc/dnsmasq.conf and i added the host and his IP, > and putting nameserver has primary dns server, it resolv well > to my Ubuntu, but if i give the dnsserver has a dhcp option, > don't work. > > At windows, i saw that it give the dns server at tap > interface, but when i try to nslookup any of my vpn domain i > gives: > "*** Can't find server name for address 192.168.252.1 > <http://192.168.252.1/>: Query refused" > > > your post is slightly confusing: are both the ubuntu client *and* > the windows client failing? if so then you're most likely looking > at a routing or firewalling issue, ie you're not allowed to > connect to the remote DNS server over the VPN. > > If the ubuntu client is working but the windows client is not, > then you're looking at the infamous "windows does not pick up VNP > DNS servers very well" problem, which can usually be alleviated using > net stop dnscache > net start dnscache > at the client side. > > HTH, > > JJK > > |