I have a similar setup with one exception (which should not matter): DHCP turned off - Green Network windows AD server doing DHCP for Green Network
DHCP turned on: Blue Network I will look into adding this to the conf file, however is there a .tmpl file that may overwrite this on a OpenVPN service restart or if the box has to be rebooed for some "odd" reason? This was the case when making changes to the main.cf fle for Postfix. Rafael Fonseca wrote: > > Do you by any chance have DHCP on Green turned OFF on Endian? > > I have been looking into the config files and it seems the 'push dhcp- > options DNS xxx.xxx.xxx.xxx' line is not being written on openvpn.conf. > > I also have DHCP turned off on Green (I have a Windows Server acting > as DHCP server), and I have this weird feeling that it may be related. > > I've added the above line manually to my .conf file and will see how > it goes. > -- > Rafael Fonseca > www.nunca.com.br > > On 21/01/2009, at 5:53 PM, wharfratjoe wrote: > >> >> I just verified that this is an an issue with endian. domian is >> pushed but is >> not resolving at all. >> >> >> >> wharfratjoe wrote: >>> >>> It seems to be. >>> >>> >>> Rafael Fonseca wrote: >>>> >>>> So, just to clarify: it's NOT an issue in Endian, but rather on your >>>> outgoing firewall? >>>> >>>> I have this issue but on roadwarriors connecting to Endian from >>>> outside the office. The information is pushed, but no name >>>> resolving. >>>> -- >>>> Rafael Fonseca >>>> www.nunca.com.br >>>> >>>> On 9/01/2009, at 11:16 AM, wharfratjoe wrote: >>>> >>>>> >>>>> Incoming or outgoing? --> This is an issue with connecting to >>>>> endian >>>>> openvpn >>>>> from behind a Untangle firewall (have not figured it out yet >>>>> since i >>>>> locked >>>>> down the box pretty tight and dont have time to mess with it right >>>>> now). >>>>> >>>>> Openvpn connections endian to endian boxes resolves the "internal" >>>>> hostnames >>>>> with no problem with one exception: I have found that you need to >>>>> append the >>>>> internal domain name to the hostname (this has been this way for >>>>> awhile and >>>>> never posted about it until now) to resolve correctly. >>>>> >>>>> Here is a sample config that I started using for about a year or so >>>>> and >>>>> works fine: >>>>> >>>>> http://www.nabble.com/open-vpn-client-settings....-to13594062.html#a13596758 >>>>> >>>>> Hope this helps. >>>>> >>>>> -joe >>>>> >>>>> >>>>> Rafael Fonseca wrote: >>>>>> >>>>>> Incoming or outgoing? >>>>>> -- >>>>>> Rafael Fonseca >>>>>> www.nunca.com.br >>>>>> >>>>>> On 9/01/2009, at 10:05 AM, wharfratjoe wrote: >>>>>> >>>>>>> >>>>>>> Due to lack of sleep it was a firewall issue blicking udp port >>>>>>> 53. >>>>>>> Pushing >>>>>>> Vpn settings work fine in 2.2 RC3, as seen below >>>>>>> >>>>>>> Here is another example that is working that is running 2.2 RC3. >>>>>>> >>>>>>> Ethernet adapter {29815F69-DD48-4711-9FBD-0B4FBB37DE43}: >>>>>>> >>>>>>> Connection-specific DNS Suffix . : domain.local >>>>>>> Description . . . . . . . . . . . : TAP-Win32 Adapter V8 >>>>>>> Physical Address. . . . . . . . . : 00-FF-29-81-5F-69 >>>>>>> DHCP Enabled. . . . . . . . . . . : Yes >>>>>>> Autoconfiguration Enabled . . . . : Yes >>>>>>> IP Address. . . . . . . . . . . . : 192.168.76.230 >>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>>>>>> Default Gateway . . . . . . . . . : >>>>>>> DHCP Server . . . . . . . . . . . : 192.168.76.0 >>>>>>> DNS Servers . . . . . . . . . . . : 192.168.76.3 >>>>>>> 192.168.76.2 >>>>>>> Lease Obtained. . . . . . . . . . : Thursday, January 08, 2009 >>>>>>> 11:31:31 >>>>>>> AM >>>>>>> Lease Expires . . . . . . . . . . : Friday, January 08, 2010 >>>>>>> 11:31:31 AM >>>>>>> >>>>>>> (I will post my .ovpn client config later today). >>>>>>> >>>>>>> >>>>>>> >>>>>>> wharfratjoe wrote: >>>>>>>> >>>>>>>> I am being pushed the settings but it is not resolving internal >>>>>>>> names when >>>>>>>> pinging, etc. >>>>>>>> >>>>>>>> Connection-specific DNS Suffix . : domainname.int >>>>>>>> Description . . . . . . . . . . . : TAP-Win32 Adapter V8 - >>>>>>>> Packet >>>>>>>> Schedu >>>>>>>> ler Miniport >>>>>>>> Physical Address. . . . . . . . . : 00-FF-E9-98-09-B8 >>>>>>>> Dhcp Enabled. . . . . . . . . . . : Yes >>>>>>>> Autoconfiguration Enabled . . . . : Yes >>>>>>>> IP Address. . . . . . . . . . . . : 172.16.0.230 >>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0 >>>>>>>> Default Gateway . . . . . . . . . : >>>>>>>> DHCP Server . . . . . . . . . . . : 172.16.0.0 >>>>>>>> DNS Servers . . . . . . . . . . . : 172.16.0.3 >>>>>>>> 172.16.0.2 >>>>>>>> Lease Obtained. . . . . . . . . . : Wednesday, January 07, >>>>>>>> 2009 >>>>>>>> 9:19:49 >>>>>>>> PM >>>>>>>> Lease Expires . . . . . . . . . . : Thursday, January 07, >>>>>>>> 2010 >>>>>>>> 9:19:49 P >>>>>>>> M >>>>>>>> >>>>>>>> I will search bugtraq and if it is not already listed I will >>>>>>>> open a >>>>>>>> ticket >>>>>>>> on this. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Rafael Fonseca wrote: >>>>>>>>> >>>>>>>>> I have noticed that the upgrade to 2.2 did NOT bring me the >>>>>>>>> push >>>>>>>>> DNS I >>>>>>>>> was waiting for. For some reason, the clients can't connect >>>>>>>>> to the >>>>>>>>> servers inside my green network without putting something >>>>>>>>> inside >>>>>>>>> the >>>>>>>>> hosts file. >>>>>>>>> >>>>>>>>> Do you guys experience the same thing? >>>>>>>>> >>>>>>>>> I have put the DNS server as follows on the VPN > Advanced > >>>>>>>>> Global >>>>>>>>> push options (as the help instructs), but no go. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> I have also tried putting just the IP address, without /24. >>>>>>>>> >>>>>>>>> On a side note, what do you guys use in the client .ovpn >>>>>>>>> files? I >>>>>>>>> have >>>>>>>>> been collecting settings through the years and I don't know >>>>>>>>> if I'm >>>>>>>>> using the optimal settings for Endian. >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> -- >>>>>>>>> Rafael Fonseca >>>>>>>>> www.nunca.com.br >>>>>>>>> >>>>>>>>> >>>>>>>>> ------------------------------------------------------------------------------ >>>>>>>>> Check out the new SourceForge.net Marketplace. >>>>>>>>> It is the best place to buy or sell services for >>>>>>>>> just about anything Open Source. >>>>>>>>> http://p.sf.net/sfu/Xq1LFB >>>>>>>>> _______________________________________________ >>>>>>>>> Efw-user mailing list >>>>>>>>> Efw-user@lists.sourceforge.net >>>>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> View this message in context: >>>>>>> http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21360926.html >>>>>>> Sent from the efw-user mailing list archive at Nabble.com. >>>>>>> >>>>>>> >>>>>>> ------------------------------------------------------------------------------ >>>>>>> Check out the new SourceForge.net Marketplace. >>>>>>> It is the best place to buy or sell services for >>>>>>> just about anything Open Source. >>>>>>> http://p.sf.net/sfu/Xq1LFB >>>>>>> _______________________________________________ >>>>>>> Efw-user mailing list >>>>>>> Efw-user@lists.sourceforge.net >>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Check out the new SourceForge.net Marketplace. >>>>>> It is the best place to buy or sell services for >>>>>> just about anything Open Source. >>>>>> http://p.sf.net/sfu/Xq1LFB >>>>>> _______________________________________________ >>>>>> Efw-user mailing list >>>>>> Efw-user@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user >>>>>> >>>>>> >>>>> >>>>> -- >>>>> View this message in context: >>>>> http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21362130.html >>>>> Sent from the efw-user mailing list archive at Nabble.com. >>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Check out the new SourceForge.net Marketplace. >>>>> It is the best place to buy or sell services for >>>>> just about anything Open Source. >>>>> http://p.sf.net/sfu/Xq1LFB >>>>> _______________________________________________ >>>>> Efw-user mailing list >>>>> Efw-user@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/efw-user >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> Check out the new SourceForge.net Marketplace. >>>> It is the best place to buy or sell services for >>>> just about anything Open Source. >>>> http://p.sf.net/sfu/Xq1LFB >>>> _______________________________________________ > >>>> Efw-user mailing list >>>> Efw-user@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/efw-user >>>> >>>> >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21577037.html >> Sent from the efw-user mailing list archive at Nabble.com. >> >> >> ------------------------------------------------------------------------------ >> This SF.net email is sponsored by: >> SourcForge Community >> SourceForge wants to tell your story. >> http://p.sf.net/sfu/sf-spreadtheword >> _______________________________________________ >> Efw-user mailing list >> Efw-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/efw-user > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > _______________________________________________ > Efw-user mailing list > Efw-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/efw-user > > -- View this message in context: http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21616174.html Sent from the efw-user mailing list archive at Nabble.com. ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ Efw-user mailing list Efw-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/efw-user
