[oclug] FreeS/WAN question

Jon Earle je_oclug at kronos.honk.org
Tue Apr 6 12:51:25 EDT 2004


'Ello, eh?

I have a FreeS/WAN gateway, with a remote client connecting to the network
behind said gateway.  This works.  I also have a DNS server running on the
gateway, providing two views of name resolution (external for the world to
see and internal for the localhost and private network)... pretty standard
stuff.  The name server is working fine too.

The views are defined thus:

view "internal" {
    match-clients { localhost; 192.168.0/24; };
...

view "external" {
    match-clients { !192.168.0/24; !<public IP>; any; };
...

My quandary is this:

I configured the remote client to use the DNS server on this gateway
(private IP is 192.168.0.1).  However, since the IP of the remote client
is not localhost, nor is it in the 192.168.0 network (it might be on a DSL
one day and a dialup in Wawa the next), it tries to resolve names using
the external view.  I tried adding the IP subnet of the client to the
match-client line within the internal view and that worked, but obviously,
I don't want to be chasing down IPs all the time.

Is there a tweak I can do to my setup to always allow clients using the
VPN to resolve using the internal view, or am I going to have to
move/split the DNS server and have an internal server for the vpn/private
network?

Cheers!
Jon

-- 
Jon Earle
Software Developer / Network Manager
Specializing in Open Source Software Solutions
http://kronos.honk.org/~earlej/
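
Added example (not part of the original post): a small Python model of how BIND picks a view from the query's source address, using the two match-clients lists quoted above. The public IP and the remote client addresses are constructed placeholders, and 192.168.0/24 is written out as 192.168.0.0/24 for Python's parser.

```python
import ipaddress

# Constructed stand-ins: the post elides the gateway's public IP, so a
# documentation-range address is used. "localhost" covers the server's own IPs.
PUBLIC_IP = "203.0.113.1"
SERVER_ADDRS = {"127.0.0.1", "192.168.0.1", PUBLIC_IP}

# Views in configuration order, mirroring the match-clients lines in the post.
VIEWS = [
    ("internal", ["localhost", "192.168.0.0/24"]),
    ("external", ["!192.168.0.0/24", "!" + PUBLIC_IP, "any"]),
]

def element_matches(element, addr):
    if element == "any":
        return True
    if element == "localhost":
        return str(addr) in SERVER_ADDRS
    return addr in ipaddress.ip_network(element, strict=False)

def acl_matches(acl, addr):
    # The first element that matches decides; a leading "!" makes it a reject.
    for element in acl:
        negated = element.startswith("!")
        if element_matches(element.lstrip("!"), addr):
            return not negated
    return False

def select_view(source_ip, views=VIEWS):
    # BIND uses the first view whose match-clients list accepts the source.
    addr = ipaddress.ip_address(source_ip)
    for name, acl in views:
        if acl_matches(acl, addr):
            return name
    return None

def with_internal_subnet(subnet):
    # The workaround from the post: append the client's subnet to "internal".
    return [(n, acl + [subnet]) if n == "internal" else (n, acl) for n, acl in VIEWS]

if __name__ == "__main__":
    # Constructed source addresses: LAN host, VPN client on DSL, then on dialup.
    for ip in ("192.168.0.50", "198.51.100.23", "192.0.2.77"):
        print(ip, "->", select_view(ip))
    patched = with_internal_subnet("198.51.100.0/24")
    for ip in ("198.51.100.23", "192.0.2.77"):
        print(ip, "with DSL subnet added ->", select_view(ip, patched))
```

The model shows why the subnet workaround only holds until the client's address changes: the view is chosen purely from the source address the name server sees.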


