Bug #2525
OpenVPN name resolution
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-openvpn | |||
Target version: | v6.5-beta3 | |||
Security class: | Resolution: | |||
Affected version: | v6.4-beta2 | NEEDINFO: | No |
Description
After openvpn connection to our firewall, DNS names are not resolved on client.
Firewall pushes its IP address as DNS to client, but our firewall is not our dns, it has no name server active on port 53, it simply direct queries to our internal DNS.
Associated revisions
host-to-net.conf template: push DNS server address to client. Refs #2525
host-to-net.conf template: use dns 'role' property. Refs #2525
History
#1 Updated by Filippo Carletti over 7 years ago
A possibile fix:
--- /etc/e-smith/templates/etc/openvpn/host-to-net.conf/40route 2013-10-24 10:08:03.000000000 +0200 +++ /etc/e-smith/templates-custom/etc/openvpn/host-to-net.conf/40route 2013-12-19 16:07:47.280732034 +0100 @@ -4,6 +4,7 @@ my $ndb = esmith::NetworksDB->open_ro(); my $green = $ndb->green(); my $IPAddress = $green->prop('ipaddr'); + $DNS = $dns{'NameServers'} || $IPAddress; $OUT = ""; @@ -13,8 +14,8 @@ } $OUT .= "push \"dhcp-option DOMAIN $DomainName\"\n"; - $OUT .= "push \"dhcp-option DNS $IPAddress\"\n"; - $OUT .= "push \"dhcp-option WINS $IPAddress\"\n"; + $OUT .= "push \"dhcp-option DNS $DNS\"\n"; + $OUT .= "push \"dhcp-option WINS $DNS\"\n"; $OUT .= "push \"dhcp-option NBT 2\"\n"; $OUT .= "push \"dhcp-option NBDD $IPAddress\"\n";
#2 Updated by Filippo Carletti over 7 years ago
- Status changed from NEW to TRIAGED
- Target version set to v6.5-beta3
- % Done changed from 0 to 20
#3 Updated by Giacomo Sanchietti over 7 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#4 Updated by Giacomo Sanchietti over 7 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
#5 Updated by Giacomo Sanchietti over 7 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
Packages in nethserver-testing:
- nethserver-openvpn-1.0.1-2.0git16284f2f.ns6.noarch.rpm
- Configure and connect an OpenVPN client to the server
- If the server is the network DNS (
dns[role]
= 'resolver'), the client must receive the ip address of the server itself as DNS server - Otherwise the client must receive the value of
dns[NameServers]
property as DNS server(s)
#6 Updated by Davide Principi over 7 years ago
- Assignee set to Davide Principi
#7 Updated by Davide Principi over 7 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 70 to 90
#8 Updated by Davide Principi over 7 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Released in nethserver/6.5/base
repository.