Use hostname to reach OpenVPN clients

zapador · Sep 16, 2023, 3:31 PM

Unoptanio · Sep 16, 2023, 4:04 PM

zapador · Sep 16, 2023, 4:02 PM

@Unoptanio Is what without using Host Overrides?

Unoptanio · Sep 16, 2023, 4:11 PM

@zapador
it was only a question.

Initially I thought that once connected to openvpn, the names of the machines that are on the 192.168.1.x network would automatically be visible without use dns override

zapador · Sep 16, 2023, 4:15 PM

@Unoptanio said in Use hostname to reach OpenVPN clients:

Initially I thought that once connected to openvpn, the names of the machines that are on the 192.168.1.x network would automatically be visible without use dns override

If you use "Register connected OpenVPN clients in the DNS Resolver" it should work without adding any Host Override. If not something is misconfigured or you're trying with an incorrect hostname, something along those lines.

Unoptanio · Sep 16, 2023, 4:32 PM

@zapador

the host I need to reach using the name is in the remote office network which has ip 192.168.1.x.

From my home PC I connect to OPEN VPN and by checking as you said the name is correctly registered: usernameopenvpn.domain and the IP address returns 10.10.94.x

zapador · Sep 16, 2023, 4:33 PM

@Unoptanio Ah alright. Not sure exactly why that is, seems a bit odd. Is this an acceptable solution though, manually creating the Host Override entries?

Unoptanio · Sep 16, 2023, 4:43 PM

@zapador

could it be a bug in the pfsense 2.7.0 version?

For now I'll leave it alone that it works.

I'll tell you this last thing:
on the office network 192.168.1.x I have a machine called "Server5k".
If I go to pfsense--> diasgnostics--> DNS lookup it doesn't resolve the name
does not find any machine names on the 192.168.1.x network

zapador · Sep 16, 2023, 4:44 PM

@Unoptanio There could be many reason for that. Is the Server5K connected directly to this pfSense? If so the pfSense should register the hostname via DHCP, or if there's a static DHCP lease. I really can't give you much info here without knowing the exact setup. But ask yourself - how would the pfSense know about the existence of this Server5K and have the pfSense had a good reason to register the hostname in DHCP?

Unoptanio · Sep 16, 2023, 4:53 PM

@zapador

zapador · Sep 16, 2023, 4:55 PM

@Unoptanio

I would add the pfSense IP in the list of DNS servers:

You could just remove 8.8.8.8 and replace it with 192.168.1.1.

How does the Server5K get it's IP address? Is it static on the Server5K itself? Or a static lease in pfSense? Or just DHCP without Statis Lease?

Unoptanio · Sep 16, 2023, 5:11 PM

@zapador

Server5k have static IP

zapador · Sep 16, 2023, 5:11 PM

@Unoptanio That explains why it isn't working. Set it to use DHCP on the server itself. Then on pfSense go to Services -> DHCP Server and at the bottom Add static mapping. Then fill everything out and make sure you get the MAC address right.

You just have to fill out this:

Unoptanio · Sep 16, 2023, 5:38 PM

@zapador

Are you sure?
But the server's ip address 192.168.1.250 is out of dhcp range

The DHCP range is :

zapador · Sep 16, 2023, 5:37 PM

@Unoptanio That's exactly as it should be. The DHCP range is for devices where you don't care about what IP they get, so clients, not servers. You cannot make a static mapping that lies within the DHCP range, only outside of it.
When you set the IP static on the server itself then it will never talk to the DHCP on the pfSense and that's why the pfSense doesn't really know that the server is even there. When you set a static mapping the server will talk to the DHCP server on pfSense and based on the MAC address of the server pfSense will assign it the correct IP address (outside of the DHCP range).

You can try to assign the server an IP inside of the DHCP range, that will give you an error. It has to be outside of the DHCP range.

Unoptanio · Sep 16, 2023, 5:43 PM

@zapador

I'm going to dinner at my place, it's 8pm, I'll talk to you as soon as I make the changes. for now thanks

zapador · Sep 16, 2023, 5:47 PM

@Unoptanio I would just leave them blank, assuming you have set some DNS servers in General Setup. Then you can read below the fields what happens by default. Or do as you've done here, adding the pfSense as the first option.

Unoptanio · Sep 16, 2023, 7:24 PM

@zapador

zapador · Sep 16, 2023, 7:31 PM

@Unoptanio Make sure this option is enabled in Services -> DNS Resolver:

If you enable it then you almost certainly need to release and renew IP config on Server5K so it makes a new request to DHCP.

I'm a bit confused why you see 192.168.1.1 in the list of DNS Servers under DNS Lookup, you should only see 127.0.0.1 at the top (that's the pfSense localhost address) and below that any other DNS Servers you have added. Did you add 192.168.1.1 under General Setup? If so remove it there as it is not necessary.

When I use DNS Lookup on a local hostname it looks like this:

This is my DNS settings under General Setup:

Unoptanio · Sep 16, 2023, 7:46 PM

@zapador

ok it worked.

this setting was sufficient