OpenVPN Site-to-Site Remote DNS Resolution

    Hello,

    This may be strange, or it may be trivial to some of you.

    I've successfully got a tunnel between a pfSense server and a Ubiquiti EdgeMAX EdgeRouter Lite running Vyatta/VyOS.

    My issue is that my DNS entries on the server side of things are not available from the "client" side of the site-to-site network (though I have not tried the other way, it is not needed now).

    Are there commands that I need in my config somewhere to allow for my "client" to connect to remote hosts without remembering their IP?

    Any help would be appreciated.

    My Vyatta config is as follows:

    openvpn vtun0 {
        encryption aes256
        hash sha256
        local-address {
        local-port 1194
        mode site-to-site
        openvpn-option "--ping 10"
        openvpn-option "--ping-restart 20"
        openvpn-option "--user nobody"
        openvpn-option "--group nogroup"
        openvpn-option "--verb 5"
        openvpn-option "mssfix 1450"
        openvpn-option "tun-mtu 1500"
        openvpn-option "tun-mtu-extra 32"
        openvpn-option --comp-lzo
        openvpn-option --float
        openvpn-option --ping-timer-rem
        openvpn-option --persist-tun
        openvpn-option --persist-key
        protocol udp
        remote-port 1194
        shared-secret-key-file /config/auth/secret
    }

    I set the following in an attempt to gather DNS entries from the server side of things:

    set service dns forwarding listen-on vtun0

    No luck with that either. Though there are other forwarders before it… I don't really like the idea of a sole DNS that is remote :P

    Let me know if anyone wants more info about the issue.
