Hi Doug Doug Sampson schrieb: >>>> What do I need to do in order to get names resolved on all >>> openVPN clients? >>>> The following are possibilities but I would like to gather >>> feedback from you >>>> guys first. >>> Make your DNS server accessible from the VPN client. >>> >>> - You push 2 dhcp options to the client, are they actually >> registered? >>> - If so, are they honoured when you run nslookup? >>> - Does nslookup return anything meaningful? >>> >>> If everything fails, the OpenVPN mailing list is full of very >>> knowledgeable people. >>> >> I will test from home tonight and report back. > > I tested from home. Here's what happened when I input nslookup: > > C:\Documents and Settings\Doug>nslookup > *** Can't find server name for address 10.8.0.1: No response from server > *** Can't find server name for address 192.168.1.254: No response from > server > *** Can't find server name for address 192.168.0.1: Non-existent domain > *** Default servers are not available
Ok this shows that the servers cannot be reached. > Default Server: UnKnown > Address: 10.8.0.1 > > The ipconfig /all command for the TAP-32 adapter shows correct values for > all DHCP options. > > However, when I modified the DHCP option for dns server to point at a > different name server (192.168.1.1) on the loc area, nslookup immediately > worked! > > It looks like the DNS server (dnsmasq) on the Bering firewall isn't > accessible from VPN clients. As mentioned in an earlier mail, I've followed > instructions on the Bering web site for setting up the openvpn config file > as well as changes to Shorewall. Do I need to add rules to allow connections > on port 53 between VPN and FW in Shorewall rules? I am not that familiar with dnsmasq. I am still using dnscache. Have you verified the traffic on tunx to see it there is a request on port 53 passed. Does dnsmasq need to be told on which IP address it accepts requests. Do you allow DNS requests on your tunnel? cheers Erich ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
