openvpn
Steve O'Hara-Smith
steve at sohara.org
Tue Sep 5 08:53:32 UTC 2017
On Mon, 4 Sep 2017 23:33:38 -0700
Doug Hardie <bc979 at lafn.org> wrote:
> Thanks for the info. I am making headway on this. I used the
> server.conf file and after a bit of horsing around with the key file, I
> got a connection to work. However, there are still some routing issues
> from the client to local machines. While everything works well with IP
> addresses, DNS is an issue. Ios is still going to the internet for DNS.
That is easily fixed, you'll want a line like this in your openvpn
config:
push "dhcp-option DNS 192.168.63.238"
Obviously change the IP address to wherever your DNS server is.
> I need to be able to tell it to "drop" the internet connection for
> everything (except connectivity) and use the VPN or to use the VPN for
> DNS. I am using routing, but wonder if bridging might be a better
The latter (VPN for DNS) is usually the best approach, there's a
lot to be said for only putting traffic over the VPN that needs to go there.
> approach.
Bridging is rarely the best option.
--
Steve O'Hara-Smith <steve at sohara.org>
More information about the freebsd-questions
mailing list