I've recently installed ZERINA-0.9.5b on IPCop 1.4.21 for roadwarrior access and everything is working great... to a point. The problem is that I can't seem to nail down where the problem is, and I'm hoping that others out there with more experience with OpenVPN may be able to offer their advice.
Main network is 192.168.0.0/24, VPN is 10.0.0.0/24. Using TUN (TAP would be preferable, but apparently doesn't work yet) and have a client connected via the VPN back to the office. Things more-or-less work.
10.0.0.0 is not the best idea - yes, it works, but 10.0.0.0 also describes the whole subnet...
Works: dns lookups (see below), ping, etc.
Doesn't work: file server synchronization, accessing hosts on the home LAN via their domain name (see below).
Environment is Windows domain, server 2003 AD. Have added the in.arpa for the 10.0.0.0/24 network, and when a remote client connects it shows up both in the domain DNS and the reverse lookup.
That only makes sense if you use additional ccd's (it's not in the GUI);
otherwise each client gets a different IP on each connect.
If I try to connect to the client via IP it works great; however, here's where it gets weird. I ping a client by hostname: reply from 10.0.0.5 (for instance). Everything is happy. I take that SAME hostname into IE, Firefox, or in this case the app we are wanting to use remotely (ONSSI Video server), and I end up getting our OpenDNS search page.
Obviously, TUN is an L3 solution and there may be more needed to get the server to synchronize and not be in 'offline files' mode; however, if I can ping a hostname or nslookup an IP address without problem, why the heck would I not be able to connect to it via IE/Firefox (if those work, I'd bet my ONSSI software will follow suit)? There is no proxy set up on the browsers, and the remote network that I'm tunneling through doesn't use OpenDNS, so if for some reason it was going out over eth1 instead of the TUN interface, it wouldn't pull OpenDNS out.
Is this a routing/DNS issue? Is there any way to get the browser to be able to find the host that ping/nslookup does? Additionally and probably a more common question, how does one enable the OpenVPN client over a TUN interface to connect to the server and synchronize files?
Perhaps you can help yourself:
try on each client: nslookup target
and you will see the answer of the nameservers...
Unix has the host and dig commands, which show you nameserver info; there must be one on Windows too... (I never tried). There are some "M$ special ways" in name resolution; you should try first with the FQDN... If pings/IP resolution work, there are probably no routing problems.