Schmitt, Christian wrote:
is it possible to install ipa-dns-install on a remote host that is only
connect via vpn?

I mean this i my current network structure:

Host (Internet)                                               Intranet
VPN Access Provider  tun   <  -  > tun             FreeIPA Server dc01
dc02

when i now try to ipa-dns-install with the ip from the client ip of the
tun device of the FreeIPA Server i always get an error that the ip is
not on my device. Is there an easy way of having the DNS of the FreeIPA
Server on an Internet Machine? I mean it will work if i replicate the
whole ipa-server but that is somehow a little bit of an overkill.

We provide no tool to configure DNS as a standalone service. The ipa-dns-install tool will only configure a bind server running on an IPA master.

It is possible to configure bind/bind-dyndb-ldap to run on another host but you'd likely have performance issues and there could be problems at upgrade if we make configuration changes (they wouldn't be applied to your manually-configured instance).

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to