I recently rebuilt my entire network. During this process I switched from using IPs to host names for accessing my various systems. Today I wanted to test the connection from my laptop to the fileserver through the VPN tunnel. It didn't work because the laptop couldn't resolve the domain name of the fileserver. After a bit of searching around I found out that even though I'm pushing the DNS option from the VPN server, it doesn't get set on the client. For this to work some additional configuration is required:

aptitude install resolvconf

Create a backup of the resolv.conf file in /etc

cp /etc/resolv.conf /etc/resolv.conf.orig

Create a symlink from /etc/resolvconf/run/resolv.conf to /etc/resolv.conf

ln -sf /etc/resolvconf/run/resolv.conf /etc/resolv.conf

Now we have the basic functionality to let OpenVPN change the DNS server. However, we need to add a few lines to the OpenVPN client config to use that function. The lines are:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

script-security 2 allows OpenVPN to execute external scripts, and the up/down lines tell it to execute the update-resolv-conf script when it initiates or ends a connection. That script in turn changes the DNS server to the one pushed by the VPN server.

After everything is set up you can connect to the VPN again and the DNS resolution should work without a problem.
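
Since script-security 2 lets OpenVPN run the up/down scripts with the privileges of the OpenVPN process, it is worth checking that the client config points only at a script that unprivileged users cannot modify. The following audit is an added example, not part of the original post; the function names are hypothetical and it assumes the hook paths contain no spaces.

```shell
#!/bin/sh
# Added example: audit an OpenVPN client config that uses the up/down DNS hooks.
# Usage: audit_ovpn_hooks CLIENT.conf [EXPECTED_OWNER_UID]   (uid defaults to 0, root)
# Exit status is the number of problems found (0 = config looks sane).

# Print the first argument of a directive; commented-out lines never match.
ovpn_directive() {  # $1 = directive name, $2 = config file
    awk -v d="$1" '$1 == d { print $2; exit }' "$2"
}

# Succeed only if the script exists, is owned by the expected uid and is
# not writable by group or others.
hook_is_safe() {  # $1 = script path, $2 = expected owner uid
    [ -f "$1" ] || return 1
    [ -n "$(find "$1" -prune -user "$2" ! -perm -020 ! -perm -002)" ]
}

audit_ovpn_hooks() {
    conf=$1 owner=${2:-0} problems=0
    # The hooks need level 2; anything else is either too low or broader than needed.
    level=$(ovpn_directive script-security "$conf")
    if [ "$level" != 2 ]; then
        echo "script-security is '${level:-unset}', expected 2"
        problems=$((problems + 1))
    fi
    for hook in up down; do
        script=$(ovpn_directive "$hook" "$conf")
        if [ -z "$script" ]; then
            echo "no '$hook' hook configured"
            problems=$((problems + 1))
        elif ! hook_is_safe "$script" "$owner"; then
            echo "$hook script $script is missing, not owned by uid $owner, or group/world-writable"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}
```

Source the file and run `audit_ovpn_hooks` against the client config; each problem is printed on its own line.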
