OpenVPN Site-to-Site Remote DNS Resolution



  • Hello,

    This may be strange, or it may be trivial to some of you.

    I've successfully got a tunnel between a pfSense server and a Ubiquiti EdgeMAX EdgeRouter Lite running Vyatta/VyOS.

    My issue is that my DNS entries on the server side of things are not available from the "client" side of the site-to-site network (though I have not tried the other way, it is not needed now).

    Are there commands that I need in my config somewhere to allow for my "client" to connect to remote hosts without remembering their IP?

    Any help would be appreciated.

    My Vyatta config is as follows:

    
     interfaces {
         openvpn vtun0 {
             encryption aes256
             hash sha256
             local-address 10.8.8.2 {
             }
             local-port 1194
             mode site-to-site
             openvpn-option "--ping 10"
             openvpn-option "--ping-restart 20"
             openvpn-option "--user nobody"
             openvpn-option "--group nogroup"
             openvpn-option "--verb 5"
             openvpn-option "mssfix 1450"
             openvpn-option "tun-mtu 1500"
             openvpn-option "tun-mtu-extra 32"
             openvpn-option --comp-lzo
             openvpn-option --float
             openvpn-option --ping-timer-rem
             openvpn-option --persist-tun
             openvpn-option --persist-key
             protocol udp
             remote-address 10.8.8.1
             remote-host my-server-public-domain-name.com
             remote-port 1194
             shared-secret-key-file /config/auth/secret
         }
     }
    
    

    I set the following in an attempt to gather DNS entries from the server side of things:

    set service dns forwarding listen-on vtun0
    

    No luck with that either. Though there are other forwarders before it… I don't really like the idea of a sole DNS that is remote :P

    Let me know if anyone wants more info about the issue.

    Thanks!
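As an added example (not the poster's configuration and not VyOS or EdgeOS code), the following Python parses the brace-style Vyatta config format shown in the post and checks how `service dns forwarding` relates to the site-to-site tunnel. The point it makes explicit: `listen-on` only tells the local forwarder which interfaces to accept queries on, so `listen-on vtun0` serves the remote site's queries rather than sending local queries to the remote site's resolver. For the client side to resolve server-side names, something has to forward queries (all of them, or just the server-side zone) to a resolver reachable through the tunnel. The sample configs are constructed for this example; the `domain corp.example { server 10.8.8.1 }` node is an assumed VyOS 1.2-style conditional-forwarding node (EdgeOS documents the same idea as `set service dns forwarding options server=/corp.example/10.8.8.1`), and 10.8.8.1 is assumed to be a resolver only because it is the tunnel address the post gives for the pfSense side; check the release's own documentation before relying on either.

```python
import shlex


def parse_vyatta(text):
    """Parse Vyatta/VyOS brace-style config into nested dicts.

    'key [value ...] {' opens a node (one dict level per token), '}' closes it,
    and 'key value' is a leaf whose values collect in a list, so repeated
    leaves such as openvpn-option are all kept.
    """
    root = {}
    stack = [root]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("/*"):   # skip blanks and VyOS comments
            continue
        if line == "}":
            stack.pop()
            continue
        if line.endswith("{"):
            node = stack[-1]
            for token in shlex.split(line[:-1]):
                node = node.setdefault(token, {})
            stack.append(node)
            continue
        tokens = shlex.split(line)               # keeps quoted values like "--ping 10" whole
        stack[-1].setdefault(tokens[0], []).append(" ".join(tokens[1:]))
    return root


def tunnel_endpoints(cfg):
    """Map each OpenVPN interface to its (local, remote) tunnel addresses."""
    endpoints = {}
    for name, node in cfg.get("interfaces", {}).get("openvpn", {}).items():
        local = next(iter(node.get("local-address", {})), None)
        remote = node.get("remote-address", [None])[0]
        endpoints[name] = (local, remote)
    return endpoints


def dns_forwarding_findings(cfg):
    """Return reasons why remote-site names will not resolve via 'service dns forwarding'."""
    findings = []
    endpoints = tunnel_endpoints(cfg)
    fwd = cfg.get("service", {}).get("dns", {}).get("forwarding", {})
    # listen-on controls where the local forwarder ACCEPTS queries; naming the tunnel
    # here serves the far side's queries and sends nothing towards the remote resolver.
    for iface in fwd.get("listen-on", []):
        if iface in endpoints:
            findings.append(f"listen-on {iface} only accepts queries arriving over the tunnel")
    # Some forwarding target (global name-server or per-domain server) must sit
    # across the tunnel; here we only know the remote tunnel endpoint address.
    remote_ips = {remote for _, remote in endpoints.values() if remote}
    targets = set(fwd.get("name-server", []))
    for domain_node in fwd.get("domain", {}).values():     # assumed VyOS 1.2-style node
        targets.update(domain_node.get("server", []))
    if not targets & remote_ips:
        findings.append("no forwarding target points at a remote tunnel endpoint")
    return findings


# Constructed sample: the posted tunnel (abridged) plus the listen-on attempt.
AS_POSTED = """
interfaces {
    openvpn vtun0 {
        local-address 10.8.8.2 {
        }
        mode site-to-site
        openvpn-option "--ping 10"
        openvpn-option --comp-lzo
        remote-address 10.8.8.1
        remote-host my-server-public-domain-name.com
        shared-secret-key-file /config/auth/secret
    }
}
service {
    dns {
        forwarding {
            listen-on eth1
            listen-on vtun0
            name-server 1.1.1.1
        }
    }
}
"""

# Constructed alternative: forward only the server-side zone through the tunnel
# (assumed syntax; the resolver address is the remote tunnel endpoint from the post).
WITH_DOMAIN_FORWARD = AS_POSTED.replace(
    "listen-on vtun0\n", "domain corp.example {\nserver 10.8.8.1\n}\n")

if __name__ == "__main__":
    for label, text in (("as posted", AS_POSTED), ("with domain forward", WITH_DOMAIN_FORWARD)):
        print(label, "->", dns_forwarding_findings(parse_vyatta(text)) or "no findings")
```

Running it reports two findings for the posted shape (the tunnel appears only under `listen-on`, and no forwarding target lies across the tunnel) and none once the server-side zone is forwarded to the remote endpoint. The same parser can be pointed at `/config/config.boot` to check a live device offline.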

