[Openswan Users] Windows dns lookup over IPSEC/L2TP

Jacco de Leeuw jacco2 at dds.nl
Sun Oct 31 01:29:01 CEST 2004

Duncan Reed wrote:

> Doing an ipconfig/all you can see that the windows client has picked up
> the connection specific dns servers, i.e the ones on the subnet behind
> the vpn specified in the ppp options. 
> Now with PPP on Linux I would expect, with the use of 'usepeerdns', for
> the resolv.conf file to be dynamically changed while the ppp link was
> up. But on windows this does not seem to be the case.

Sorry, I don't understand. Does the Windows client obtain the DNS
addresses or doesn't it?

> When I browse or do an nslookup it uses the primary dns on the Ethernet
> adaptor connection, i.e. the ISP, rather than those specified by the VPN
> connection.

Can you ping those DNS servers once the client is connected? Can you
check with tcpdump on ipsec0 to see what happens?

> Converted to work on IPCop distribution. My config, what and
> how I did it can be found here
> http://www.elminster.com/xoops/modules/phpwiki/index.php/IpcopL2tpRemoteAccessServer

Looks great so far. I think with a nice GUI this could be an wonderful
addition to IPCop.

> I can get this working by hard coding stuff into windows but then it
> breaks resolution when the VPN is down.

Hard coding? You mean you set a fixed DNS server for that connection?

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list