Menu
▾
▴
Re: [Openvpn-users] Pushing multiple domains to clients does not work
|
From: Jan J. K. <ja...@ni...> - 2009-10-26 22:08:31
|
Hi Klaus, Klaus Schniedergers wrote: > Thanks for your suggestions. > > It seems that the comma separated syntax is not accepted by the server. > The semicolon separated list is accepted, and shows up as one string > "admin.blah.com;blah.com" in the domain field for "ipconfig /all" on > the Windows clients, but this seems to not be understood by the client > (i.e. no names resolve in either domain). > With a space separated list of domains, only the first one is taken > and honored by the client. > > > > I just remembered this: AFAIK Windows does not support a domain search list being pushed out by a DHCP server; perhaps this changed in Windows Vista/7, but Windows 2000 and XP simply ignored a domain search list. This has nothing to do with OpenVPN but with the operating system itself. Note that OpenVPN sends out a single domain (DHCP option 15) to indicate the domain that the openvpn IP/hostname itself is in. To push multiple domains a different DHCP option is needed (119) , which openvpn currently does not support, as most Windows flavours also do not (did not?) do anything with the option, were it implemented. HTH, JJK > On Mon, Oct 26, 2009 at 2:45 AM, Jan Just Keijser <ja...@ni...> wrote: > >> Klaus Schniedergers wrote: >> >>> Hi, >>> >>> I am trying to push multiple domains (blah.com and admin.blah.com) to >>> Windows OpenVPN clients, so the configuration on the server is: >>> >>> push "dhcp-option DOMAIN blah.com" >>> push "dhcp-option DOMAIN admin.blah.com" >>> >>> However, the clients (Windows 7) only resolve hosts in the 2nd domain. >>> Is this the correct way to push multiple domains? >>> >>> >>> >> nope, you need to push all domains in a single entry; try >> push "dhcp-option DOMAIN blah.com,admin.blah.com" >> or >> push "dhcp-option DOMAIN blah.com;admin.blah.com" >> >> (I forget which one is the correct one). >> >> HTH, >> >> JJK >> >> >> |
