[Gllug] DNS & VPN

Alain Williams addw at phcomp.co.uk
Wed Jun 20 14:06:11 UTC 2007

I am trying to work out the best solution to this:

I have set up a VPN for a client and am in the last stages of working out how
to configure their PCs -- needed as they want to use the VPN from home to enter the office.

All works except for the resolving of the name of the server in the office. This is
an internal server and so not in their world-visible DNS. The only office address
that they need to visit over the VPN is one Linux application server (the firewall enforces that).

The options seem to be:

1) Put an entry into the hosts file for the application server.
   Not hard: but will need to be done (and maintained) on client/home PCs. Not very many.

2) Push a DHCP option over the VPN to the client making it do DNS over the VPN.
   This would work - but is slower than needs be for external sites (e.g. google/...)
   This won't screw my Linux box (also connected to the VPN) since a Linux client will
   ignore this option.

3) Get the internal server address 192.168.XX.XX put into the world-visible DNS.
   At first glance it may seem benign but it occurs to me that if the client tries
   to do a reverse IP lookup (IP -> name) I will get into trouble.

I am using OpenVPN. MS Windows desktops & Linux: firewall/vpn-server & application server.

Any suggestions?

Alain Williams
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>
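
Added example, not part of the original post: a sketch of keeping option 1's hosts entry maintained idempotently, so re-running it after the server is renumbered leaves exactly one mapping for the name. The host name, the documentation-range addresses used with it and the `MARKER` tag are assumptions; the function only transforms text, and writing the result to the hosts file is left to the caller.

```python
import ipaddress

MARKER = "# managed: office-vpn"  # hypothetical tag identifying the line we own


def set_hosts_entry(hosts_text, name, ip):
    """Return hosts_text with exactly one line mapping name -> ip.

    Any other line that lists `name` has that name removed (its remaining
    aliases are kept), so a stale entry cannot shadow the managed one.
    """
    ipaddress.ip_address(ip)  # reject malformed addresses (raises ValueError)
    wanted = f"{ip}\t{name}\t{MARKER}"
    out, placed = [], False
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # ignore trailing comments
        aliases = fields[1:]
        if name.lower() not in (a.lower() for a in aliases):
            out.append(line)  # unrelated line, comment or blank: keep as-is
            continue
        if MARKER in line:
            # Our own line from an earlier run: refresh it in place, once.
            if not placed:
                out.append(wanted)
                placed = True
            continue
        # Unmanaged line that also claims the name: drop only that name.
        others = [a for a in aliases if a.lower() != name.lower()]
        if others:
            out.append(fields[0] + "\t" + " ".join(others))
    if not placed:
        out.append(wanted)
    return "\n".join(out) + "\n"
```
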
