Anyword as to a work around for this? I also noticed that when connected from
a local network to a remote network, the local dns for that local network
stops resolving correctly. After you disconnect from the remote network loca
dns starts resolving correctly again.
For example:
Remote network is 192.168.1.0/24
Local Network is 172.16.0.0/24
I vpn successfully to remote network. Now when i go to browse, ping or use a
local resource on the 172.16.0.0/24, i cannot resolve at all.
This local resource of nas-nttr should resolve to 172.16.0.5. Hence I am
resolving to OpenDNS ip, which is not correct at all:
Pinging nas-nttr.nttr.int [208.67.216.132] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 208.67.216.132:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
(I will add this to the existing bugtrac ticket).
wharfratjoe wrote:
>
> I have a similar setup with one exception (which should not matter):
>
> DHCP turned off - Green Network
> windows AD server doing DHCP for Green Network
>
> DHCP turned on: Blue Network
>
> I will look into adding this to the conf file, however is there a .tmpl
> file that may overwrite this on a OpenVPN service restart or if the box
> has to be rebooed for some "odd" reason?
>
> This was the case when making changes to the main.cf fle for Postfix.
>
>
> Rafael Fonseca wrote:
>>
>> Do you by any chance have DHCP on Green turned OFF on Endian?
>>
>> I have been looking into the config files and it seems the 'push dhcp-
>> options DNS xxx.xxx.xxx.xxx' line is not being written on openvpn.conf.
>>
>> I also have DHCP turned off on Green (I have a Windows Server acting
>> as DHCP server), and I have this weird feeling that it may be related.
>>
>> I've added the above line manually to my .conf file and will see how
>> it goes.
>> --
>> Rafael Fonseca
>> www.nunca.com.br
>>
>> On 21/01/2009, at 5:53 PM, wharfratjoe wrote:
>>
>>>
>>> I just verified that this is an an issue with endian. domian is
>>> pushed but is
>>> not resolving at all.
>>>
>>>
>>>
>>> wharfratjoe wrote:
>>>>
>>>> It seems to be.
>>>>
>>>>
>>>> Rafael Fonseca wrote:
>>>>>
>>>>> So, just to clarify: it's NOT an issue in Endian, but rather on your
>>>>> outgoing firewall?
>>>>>
>>>>> I have this issue but on roadwarriors connecting to Endian from
>>>>> outside the office. The information is pushed, but no name
>>>>> resolving.
>>>>> --
>>>>> Rafael Fonseca
>>>>> www.nunca.com.br
>>>>>
>>>>> On 9/01/2009, at 11:16 AM, wharfratjoe wrote:
>>>>>
>>>>>>
>>>>>> Incoming or outgoing? --> This is an issue with connecting to
>>>>>> endian
>>>>>> openvpn
>>>>>> from behind a Untangle firewall (have not figured it out yet
>>>>>> since i
>>>>>> locked
>>>>>> down the box pretty tight and dont have time to mess with it right
>>>>>> now).
>>>>>>
>>>>>> Openvpn connections endian to endian boxes resolves the "internal"
>>>>>> hostnames
>>>>>> with no problem with one exception: I have found that you need to
>>>>>> append the
>>>>>> internal domain name to the hostname (this has been this way for
>>>>>> awhile and
>>>>>> never posted about it until now) to resolve correctly.
>>>>>>
>>>>>> Here is a sample config that I started using for about a year or so
>>>>>> and
>>>>>> works fine:
>>>>>>
>>>>>> http://www.nabble.com/open-vpn-client-settings....-to13594062.html#a13596758
>>>>>>
>>>>>> Hope this helps.
>>>>>>
>>>>>> -joe
>>>>>>
>>>>>>
>>>>>> Rafael Fonseca wrote:
>>>>>>>
>>>>>>> Incoming or outgoing?
>>>>>>> --
>>>>>>> Rafael Fonseca
>>>>>>> www.nunca.com.br
>>>>>>>
>>>>>>> On 9/01/2009, at 10:05 AM, wharfratjoe wrote:
>>>>>>>
>>>>>>>>
>>>>>>>> Due to lack of sleep it was a firewall issue blicking udp port
>>>>>>>> 53.
>>>>>>>> Pushing
>>>>>>>> Vpn settings work fine in 2.2 RC3, as seen below
>>>>>>>>
>>>>>>>> Here is another example that is working that is running 2.2 RC3.
>>>>>>>>
>>>>>>>> Ethernet adapter {29815F69-DD48-4711-9FBD-0B4FBB37DE43}:
>>>>>>>>
>>>>>>>> Connection-specific DNS Suffix . : domain.local
>>>>>>>> Description . . . . . . . . . . . : TAP-Win32 Adapter V8
>>>>>>>> Physical Address. . . . . . . . . : 00-FF-29-81-5F-69
>>>>>>>> DHCP Enabled. . . . . . . . . . . : Yes
>>>>>>>> Autoconfiguration Enabled . . . . : Yes
>>>>>>>> IP Address. . . . . . . . . . . . : 192.168.76.230
>>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>>>>>>>> Default Gateway . . . . . . . . . :
>>>>>>>> DHCP Server . . . . . . . . . . . : 192.168.76.0
>>>>>>>> DNS Servers . . . . . . . . . . . : 192.168.76.3
>>>>>>>> 192.168.76.2
>>>>>>>> Lease Obtained. . . . . . . . . . : Thursday, January 08, 2009
>>>>>>>> 11:31:31
>>>>>>>> AM
>>>>>>>> Lease Expires . . . . . . . . . . : Friday, January 08, 2010
>>>>>>>> 11:31:31 AM
>>>>>>>>
>>>>>>>> (I will post my .ovpn client config later today).
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> wharfratjoe wrote:
>>>>>>>>>
>>>>>>>>> I am being pushed the settings but it is not resolving internal
>>>>>>>>> names when
>>>>>>>>> pinging, etc.
>>>>>>>>>
>>>>>>>>> Connection-specific DNS Suffix . : domainname.int
>>>>>>>>> Description . . . . . . . . . . . : TAP-Win32 Adapter V8 -
>>>>>>>>> Packet
>>>>>>>>> Schedu
>>>>>>>>> ler Miniport
>>>>>>>>> Physical Address. . . . . . . . . : 00-FF-E9-98-09-B8
>>>>>>>>> Dhcp Enabled. . . . . . . . . . . : Yes
>>>>>>>>> Autoconfiguration Enabled . . . . : Yes
>>>>>>>>> IP Address. . . . . . . . . . . . : 172.16.0.230
>>>>>>>>> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>>>>>>>>> Default Gateway . . . . . . . . . :
>>>>>>>>> DHCP Server . . . . . . . . . . . : 172.16.0.0
>>>>>>>>> DNS Servers . . . . . . . . . . . : 172.16.0.3
>>>>>>>>> 172.16.0.2
>>>>>>>>> Lease Obtained. . . . . . . . . . : Wednesday, January 07,
>>>>>>>>> 2009
>>>>>>>>> 9:19:49
>>>>>>>>> PM
>>>>>>>>> Lease Expires . . . . . . . . . . : Thursday, January 07,
>>>>>>>>> 2010
>>>>>>>>> 9:19:49 P
>>>>>>>>> M
>>>>>>>>>
>>>>>>>>> I will search bugtraq and if it is not already listed I will
>>>>>>>>> open a
>>>>>>>>> ticket
>>>>>>>>> on this.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Rafael Fonseca wrote:
>>>>>>>>>>
>>>>>>>>>> I have noticed that the upgrade to 2.2 did NOT bring me the
>>>>>>>>>> push
>>>>>>>>>> DNS I
>>>>>>>>>> was waiting for. For some reason, the clients can't connect
>>>>>>>>>> to the
>>>>>>>>>> servers inside my green network without putting something
>>>>>>>>>> inside
>>>>>>>>>> the
>>>>>>>>>> hosts file.
>>>>>>>>>>
>>>>>>>>>> Do you guys experience the same thing?
>>>>>>>>>>
>>>>>>>>>> I have put the DNS server as follows on the VPN > Advanced >
>>>>>>>>>> Global
>>>>>>>>>> push options (as the help instructs), but no go.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I have also tried putting just the IP address, without /24.
>>>>>>>>>>
>>>>>>>>>> On a side note, what do you guys use in the client .ovpn
>>>>>>>>>> files? I
>>>>>>>>>> have
>>>>>>>>>> been collecting settings through the years and I don't know
>>>>>>>>>> if I'm
>>>>>>>>>> using the optimal settings for Endian.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>> --
>>>>>>>>>> Rafael Fonseca
>>>>>>>>>> www.nunca.com.br
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>>>> Check out the new SourceForge.net Marketplace.
>>>>>>>>>> It is the best place to buy or sell services for
>>>>>>>>>> just about anything Open Source.
>>>>>>>>>> http://p.sf.net/sfu/Xq1LFB
>>>>>>>>>> _______________________________________________
>>>>>>>>>> Efw-user mailing list
>>>>>>>>>> Efw-user@lists.sourceforge.net
>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> View this message in context:
>>>>>>>> http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21360926.html
>>>>>>>> Sent from the efw-user mailing list archive at Nabble.com.
>>>>>>>>
>>>>>>>>
>>>>>>>> ------------------------------------------------------------------------------
>>>>>>>> Check out the new SourceForge.net Marketplace.
>>>>>>>> It is the best place to buy or sell services for
>>>>>>>> just about anything Open Source.
>>>>>>>> http://p.sf.net/sfu/Xq1LFB
>>>>>>>> _______________________________________________
>>>>>>>> Efw-user mailing list
>>>>>>>> Efw-user@lists.sourceforge.net
>>>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>>>
>>>>>>>
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Check out the new SourceForge.net Marketplace.
>>>>>>> It is the best place to buy or sell services for
>>>>>>> just about anything Open Source.
>>>>>>> http://p.sf.net/sfu/Xq1LFB
>>>>>>> _______________________________________________
>>>>>>> Efw-user mailing list
>>>>>>> Efw-user@lists.sourceforge.net
>>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> View this message in context:
>>>>>> http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21362130.html
>>>>>> Sent from the efw-user mailing list archive at Nabble.com.
>>>>>>
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Check out the new SourceForge.net Marketplace.
>>>>>> It is the best place to buy or sell services for
>>>>>> just about anything Open Source.
>>>>>> http://p.sf.net/sfu/Xq1LFB
>>>>>> _______________________________________________
>>>>>> Efw-user mailing list
>>>>>> Efw-user@lists.sourceforge.net
>>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Check out the new SourceForge.net Marketplace.
>>>>> It is the best place to buy or sell services for
>>>>> just about anything Open Source.
>>>>> http://p.sf.net/sfu/Xq1LFB
>>>>> _______________________________________________
>>
>>>>> Efw-user mailing list
>>>>> Efw-user@lists.sourceforge.net
>>>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>>>>
>>>>>
>>>>
>>>>
>>>
>>> --
>>> View this message in context:
>>> http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21577037.html
>>> Sent from the efw-user mailing list archive at Nabble.com.
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> This SF.net email is sponsored by:
>>> SourcForge Community
>>> SourceForge wants to tell your story.
>>> http://p.sf.net/sfu/sf-spreadtheword
>>> _______________________________________________
>>> Efw-user mailing list
>>> Efw-user@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by:
>> SourcForge Community
>> SourceForge wants to tell your story.
>> http://p.sf.net/sfu/sf-spreadtheword
>> _______________________________________________
>> Efw-user mailing list
>> Efw-user@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/efw-user
>>
>>
>
>
--
View this message in context:
http://www.nabble.com/DNS-address-format-for-OpenVPN-server--tp21340568p21671376.html
Sent from the efw-user mailing list archive at Nabble.com.
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
