OpenVPN client does not receive DNS push from server

Post by mackowiakp » Dec 17th, '15, 07:55

I have several OpenVPN PCs (M5, Mac, Win) connecting to 3 different OpenVPN servers, that is, an M5 server, a Synology and a Tomato-based router. In all cases the PCs connect correctly to the server, routes are added correctly and it is possible to connect to any node inside the local network using an IP address instead of a domain name.
Looking at the /etc/resolv.conf file, it is clear that the nameserver definitions are not changed. So, as I understand, the client does not respond to the "push DNS..." statement.

Below is an example of the client /etc/sysconfig/network-scripts/vpn.d/openvpn config file on M5:

Code:
dev tun
tls-client
remote server.example.com 1194

dhcp-option DNS 10.55.55.100
route 10.53.28.32 255.255.255.240
route 10.53.28.16 255.255.255.240
route-metric 50
pull
proto tcp-client
script-security 2
ca /home/maciek/dir_v/openvpn/ca.crt
comp-lzo
reneg-sec 0
auth-user-pass /home/maciek/dir_v/openvpn/login.conf
auth-nocache


And the server config file on Synology:

Code:
Lilith> cat openvpn.conf
push "route 10.55.55.0 255.255.255.0"
push "route 10.8.0.0 255.255.255.0"
push "dhcp-option DNS 10.55.55.100"
dev tun

management 127.0.0.1 1195

server 10.8.0.0 255.255.255.0


dh /var/packages/VPNCenter/target/etc/openvpn/keys/dh1024.pem
ca /var/packages/VPNCenter/target/etc/openvpn/keys/ca.crt
cert /var/packages/VPNCenter/target/etc/openvpn/keys/server.crt
key /var/packages/VPNCenter/target/etc/openvpn/keys/server.key

max-clients 5

comp-lzo

persist-tun
persist-key

verb 3

#log-append /var/log/openvpn.log

keepalive 10 60
reneg-sec 0

plugin /var/packages/VPNCenter/target/lib/radiusplugin.so /var/packages/VPNCenter/target/etc/openvpn/radiusplugin.cnf
client-cert-not-required
username-as-common-name
duplicate-cn

status /tmp/ovpn_status_2_result 30
status-version 2
proto tcp6-server
port 1194


And the server config file on M5:

Code:
[root@mackowiak openvpn]# cat server.conf
daemon
port 1194
proto udp
dev tun

ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key  # This file should be kept secret

dh /etc/openvpn/dh1024.pem

server 10.12.12.0 255.255.255.0

push "dhcp-option DNS 192.168.0.201"

keepalive 10 120

cipher AES-128-CBC   # AES

comp-lzo

max-clients 10

user openvpn
group openvpn

persist-key
persist-tun

status openvpn-status.log
verb 3
client-cert-not-required
plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so login


I tried to use "up" and "down" entries in the client config file to manually change the content of /etc/resolv.conf. It is strange that the "up" script works correctly but the "down" one does not. So after disconnecting, the content of the resolv.conf file remains in the state changed by the "up" script.

Can anybody help me with this "push DNS" problem?
Linux is like wigwam. No Windows, no Gates but Apache inside

WARNING ! The administrator has the right to refuse to install WINDOWS, invoking the conscience clause
mackowiakp
 
Posts: 646
Joined: May 23rd, '13, 07:32
Location: Gdynia, Poland
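
Added example, not part of the original post: on Linux the OpenVPN client does not rewrite /etc/resolv.conf itself; pushed "dhcp-option" values are handed to the "up"/"down" scripts as foreign_option_N environment variables. The sketch below is one script for both hooks that validates the pushed values, saves the original file and restores it on "down"; the function names and the RESOLV/BACKUP paths are assumptions, and it assumes /etc/resolv.conf is a plain file.

```shell
#!/bin/sh
# Added example, not from the original post. Use the same file for both
# "up" and "down" in the client config; OpenVPN sets $script_type.
# RESOLV and BACKUP are assumed paths (resolv.conf as a plain file).
RESOLV="${RESOLV:-/etc/resolv.conf}"
BACKUP="${BACKUP:-/var/run/openvpn-resolv.conf.bak}"

# Turn pushed "dhcp-option DNS|DOMAIN <value>" entries, which OpenVPN
# exports as foreign_option_1, foreign_option_2, ..., into resolv.conf
# lines. Values come from the server, so anything outside the expected
# character set is dropped instead of being written to the file.
pushed_resolv_lines() {
    i=1
    while :; do
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        read -r kw type value rest <<EOF
$opt
EOF
        if [ "$kw" = "dhcp-option" ]; then
            case "$type" in
                DNS)    case "$value" in ''|*[!0-9A-Fa-f:.]*) ;;
                            *) echo "nameserver $value" ;; esac ;;
                DOMAIN) case "$value" in ''|*[!A-Za-z0-9.-]*) ;;
                            *) echo "search $value" ;; esac ;;
            esac
        fi
        i=$((i + 1))
    done
}

resolv_up() {
    lines=$(pushed_resolv_lines)
    [ -n "$lines" ] || return 0            # nothing usable pushed: leave file alone
    [ -e "$BACKUP" ] || cp -p "$RESOLV" "$BACKUP"   # keep the first original only
    printf '# set by OpenVPN up script\n%s\n' "$lines" > "$RESOLV"
}

resolv_down() {
    [ -e "$BACKUP" ] || return 0           # up never ran or already restored
    cat "$BACKUP" > "$RESOLV" && rm -f "$BACKUP"
}

case "${script_type:-}" in
    up)   resolv_up ;;
    down) resolv_down ;;
esac
```

The client config above already has "script-security 2", which OpenVPN requires before it will run user scripts.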