DNS issues on Ubuntu 12.04 with OpenVPN
Solution 1
This works for me: http://www.softwarepassion.com/solving-dns-problems-with-openvpn-on-ubuntu-box/
The important step is adding following three lines into your client openvpn config file:
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Also ensure the resolvconf
package is installed on the client as this script depends on it.
It works with openvpn client service or command (sudo openvpn youropenvpn.conf
).
However, the Ubuntu Network Manager doesn't work for this configuration. It's an issue so far: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1211110
Solution 2
When you re-installed 12.04 did you forget this step?
echo 1 > /proc/sys/net/ipv4/ip_forward
Source: https://openvpn.net/index.php/open-source/documentation/miscellaneous/88-1xhowto.html
Related videos on Youtube
user1048138
Updated on September 18, 2022Comments
-
user1048138 over 1 year
I followed this guide to setup openvpn on my home network.
I accidentally downloaded ubuntu 12.10 at first and without noticing, I went ahead and followed the guide...
Then I did some stuff from here: push "redirect-gateway def1" iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
to enable browsing.
OpenVPN was fully function.
By that I mean, I was able to remote in (access internal services) and mask my IP when browsing from the outside.
Then I realized that I wanted ubuntu 12.04 so I followed the same process on a new install.
Now the problem is that the DNS does not resolve.
I noticed that downloading openvpn downloaded resolvconf which I uninstalled and attempted to go about this manually.
Here is some stuff from my system:
openvpn server.conf:
mode server tls-server local 192.168.1.101 ## ip/hostname of server port 80 ## default openvpn port proto udp #bridging directive dev tap0 ## If you need multiple tap devices, add them here up "/etc/openvpn/up.sh br0 tap0 1500" down "/etc/openvpn/down.sh br0 tap0" persist-key persist-tun #certificates and encryption ca ca.crt cert server.crt key server.key # This file should be kept secret dh dh1024.pem tls-auth ta.key 0 # This file is secret cipher BF-CBC # Blowfish (default) comp-lzo #DHCP Information ifconfig-pool-persist ipp.txt server-bridge 192.168.1.10 255.255.255.0 192.168.1.100 192.168.1.110 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" #push "dhcp-option DOMAIN yourdomain.com" #push "redirect-gateway local def1" #push "dhcp-option DNS 8.8.8.8" #push "redirect-gateway def1 bypass-dhcp" #push "dhcp-option DNS 192.168.1.1" #push "dhcp-option DNS 8.8.8.8" max-clients 10 ## set this to the max number of clients that should be connected at a time #log and security user nobody group nogroup keepalive 10 120 status openvpn-status.log verb 3
/etc/network/interfaces:
root@ironman:~# cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface #auto lo #iface lo inet loopback # The primary network interface #auto eth0 #iface eth0 inet dhcp #############OPEN VPN SETUP############### ## This is the network bridge declaration ## Start these interfaces on boot auto lo br0 iface lo inet loopback iface br0 inet static address 192.168.1.101 netmask 255.255.255.0 gateway 192.168.1.1 bridge_ports eth0 nameserver 8.8.8.8 iface eth0 inet manual up ip link set $IFACE up promisc on down ip link set $IFACE down promisc off nameserver 8.8.8.8 root@ironman:~# cat /etc/resolv.conf nameserver 8.8.8.8 nameserver 192.168.1.1 root@ironman:~# ping google.com PING google.com (74.125.239.100) 56(84) bytes of data. 64 bytes from nuq05s01-in-f4.1e100.net (74.125.239.100): icmp_req=1 ttl=55 time=22.6 ms 64 bytes from nuq05s01-in-f4.1e100.net (74.125.239.100): icmp_req=2 ttl=55 time=21.7 ms 64 bytes from nuq05s01-in-f4.1e100.net (74.125.239.100): icmp_req=3 ttl=55 time=22.8 ms
Any help would be appreciated