I got it working thanks for the hint though!!!:) MD
On 27 Jun 2013 at 11:01, Artur Uszy´nski wrote: Date sent: Thu, 27 Jun 2013 11:01:02 +0200 From: Artur UszyÅ"ski <[email protected]> To: [email protected], Shorewall Users <[email protected]> Subject: Re: [Shorewall-users] vpn clients using my own dns server > Ponizsza wiadomo´s´c napisal(a) [email protected] w dniu 27.06.2013 > 09:19: > > > Sorry for the missing info here they are! > > > > Yes my dns server is on the firewall and listen on 199.148.1.1 and > > I'm also pushing a route 199.148.1.0/24 to my vpn clients. > > MD > > > > On 26 Jun 2013 at 19:18, Tom Eastep wrote: > > > > Subject: Re: [Shorewall-users] vpn clients using my own dns > > server From: Tom Eastep <[email protected]> Date > > sent: Wed, 26 Jun 2013 19:18:07 -0700 To: > > [email protected], Shorewall Users > > <[email protected]> > > > >> > >> On Jun 26, 2013, at 6:27 AM, [email protected] wrote: > >> > >>> Hello all and happy humpday! > >>> > >>> I'm using openvpn on a debian testing box and all of openvpn stuff > >>> is working as expected!!!:) > >>> > >>> I'm scratching my head though on how to make my vpn clients use > >>> my own dns server. > >>> > >>> Before posting here I tryed using this > >>> post"http://www.mail-archive.com/[email protected] > >>> .n et/msg15095.html" and I also red the man page of > >>> /etc/shorewall/rules /etc/shorewall/masq but to no avail! > >>> > >>> My local subnet is on 199.148.1.0/24 masquerade on eth1 for > >>> internet access, the dns-entry of the clients pointing to my > >>> shorewall interface eth0 at 199.148.1.1. the openvpn's subnet is > >>> 194.137.1.0/24 with a dns of 194.137.1.3. So what I would like to > >>> do is "translating" all dns request from openvpn "194.137.1.3" to > >>> my local network's dns " 199.148.1.1". That way all trafic will go > >>> through the vpn and no external dns are neded! > >>> > >>> I put down anyway what i so far come up with > >>> vpn= openvpn > >>> vijl= local network > >>> running shorewall 4.5.17.1 > >>> > >>> /etc/shorewall/rules > >>> > >>> DNAT vijl vpn:199.148.1.1 tcp,udp 53 - > >>> 194.137.1.3 > >>> > >>> /etc/shorewall/masq > >>> > >>> eth0:194.137.1.3,199.148.1.0/24 > >>> > >>> Could any one shed light on how to do this!? > >> > >> There aren't enough details here to allow us to help you. What IP > >> address(es) does your DNS server listen on? Does it run on the > >> Firewall or on a host in 199.148.1.0/24? And are you pushing a > >> route to 199.148.1.0/24 to the remote VPN gateway? > >> > > > Can't You just push 199.148.1.1 as dns server to vpn clients ? > > push "dhcp-option DNS 199.148.1.1" > > Then: > > /etc/shorewall/rules > > DNS(ACCEPT) vijl fw > > Regards > -- > Artur > > > ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
