Menu
▾
▴
Re: [Openvpn-users] RESOLVE: Cannot resolve host address: ... [HOST_NOT_FOUND]
|
From: Josh C. <jos...@us...> - 2009-03-07 00:51:41
|
kwa...@ya... wrote: > On a Ubuntu desktop system, this is the OpenVPN client conf file: > ==================== > dev tun001 > proto udp > remote NameOfOurVPNserver.org > ifconfig 192.168.21.2 192.168.21.1 > secret /home/myself/data/staticVPN.key > log /home/myself/data/logOpenVPN.txt > verb 3 > comp-lzo > keepalive 10 60 > ping-timer-rem > persist-tun > persist-key > user openvpn > group openvpn > daemon > ==================== > > At boot time, the client system log "/home/myself/data/logOpenVPN.txt" contains: > ... > RESOLVE: Cannot resolve host address: NameOfOurVPNserver.org: [HOST_NOT_FOUND] The specified host is unknown. > ... > RESOLVE: Cannot resolve host address: NameOfOurVPNserver.org: [HOST_NOT_FOUND] The specified host is unknown. > ... > > I understand that this is only a OpenVPN client side issue because > the "NameOfOurVPNserver.org" is accessible from everywhere else. > > Also, I replaced > remote NameOfOurVPNserver.org > with > remote a.b.c.d > where a.b.c.d is the static WAN ip address of NameOfOurVPNserver.org > then I rebooted this Ubuntu system and this OpenVPN client works immediately. > > How can I make this OpenVPN client resolve the host address "NameOfOurVPNserver.org" ? Fix your DNS for this client. This has nothing to do with the OpenVPN client and everything to do with the client's domain name resolver. The command line tools "host" and "nslookup" (and perhaps "dig" if you have it installed on a Unix-like OS) will allow you to perform a DNS lookup on the domain you're attempting to reach. It might be worth double-checking that the domain name you're trying to lookup really is reachable on the Internet by trying a query through 4.2.2.1 or another public DNS server (eg: "nslookup NameOfOurVPNserver.org 4.2.2.1".) If you can't fix the broken DNS, you could either use the IP since you know that works or edit the system's hosts file to hardcode the correct IP for that domain name. Both of these are rather hackish solutions and should be avoided unless there's no other way around the problem as future IP changes must be updated by hand. -- Josh |
