Re: Routing all traffic trough VPN
On 8/16/2018 8:53 AM, Piotr Martyniuk wrote:
On 2018-08-16, john doe <johndoe65534@mail.com> wrote:
On the vpn client are you getting the proper DNS in '/etc/resolv.conf'
when connected to your vpn server?
It changes (adds nameserver 192.168.2.1 on top), but this does not
seems to be valid as the IP's I got are from the network 10.8.0.xx and
the one I got is the local IP of one of my machines at home.
What should be there instead? Can this update-resolv-conf script be
used to use different valid entry unstead?
To be sure that we are on the same page:
This configuration assumes that the clients will get "all configuration"
from the server.
On the server in my config file I have:
$ grep -i 'dns\|redirect' *.conf
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.220.220"
If you have the 'resolvconf' package that should be all you need to do.
The script 'update-resolv-conf' should only be used if the 'resolvconf'
pkg is not installed.
At the top of 'update-resolv-conf' I have:
"#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
Add those two lines in your server's config file.
#
# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
#
# Example envs set from openvpn:
#
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
#
[ -x /sbin/resolvconf ] || exit 0"
If "/sbin/resolvconf" is executable, there is no need to use
'update-resolv-conf'.
--
John Doe
Reply to: