Re: Routing all traffic through VPN
On 8/16/2018 8:53 AM, Piotr Martyniuk wrote:
> On 2018-08-16, john doe <email@example.com> wrote:
>> On the vpn client are you getting the proper DNS in '/etc/resolv.conf'
>> when connected to your vpn server?
>
> It changes (adds nameserver 192.168.2.1 on top), but this does not
> seem to be valid as the IPs I got are from the network 10.8.0.xx and
> the one I got is the local IP of one of my machines at home.
> What should be there instead? Can this update-resolv-conf script be
> used to use a different valid entry instead?

To be sure that we are on the same page:
This configuration assumes that the clients will get "all configuration"
from the server.
On the server in my config file I have:
$ grep -i 'dns\|redirect' *.conf
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 220.127.116.11"
If you have the 'resolvconf' package that should be all you need to do.
The script 'update-resolv-conf' should only be used if the 'resolvconf'
pkg is not installed.
At the top of 'update-resolv-conf' I have:

# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf

Add those two lines in your server's config file.

# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
# Example envs set from openvpn:
# foreign_option_1='dhcp-option DNS 18.104.22.168'
# foreign_option_2='dhcp-option DNS 22.214.171.124'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
[ -x /sbin/resolvconf ] || exit 0

If "/sbin/resolvconf" is executable, there is no need to use