[Openswan Users] dns via IPSEC tunnel

Bob Miller bob at computerisms.ca
Tue Dec 7 23:29:57 EST 2010

Not clear on your situation, it sounds like you have linux at both ends,
and are therefor probably not using l2tp.  If you were, the l2tp server
can be configured to provide that info.  If you are not using l2tp, then
I think there is an updown script thing you can use in your ipsec.conf.
That is probably the smarter way to do it, so of course I haven't done
it that way...
The way I have dealt with this for linux clients is with a script that
will adjust the firewall, start ipsec, and do any further system changes
required, like adjusting the resolv.conf file.  I put it either in my
network interfaces config file to come up automatically with the
network, or as an icon on the user's desktop so they can enable the vpn
as required.  I then make a second script for downing the vpn, to stop
ipsec, put the firewall back, readjust the system, etc, and put it in a
similarly appropriate spot.

On Tue, 2010-12-07 at 18:44 -0800, aurfalien at gmail.com wrote:
> Hi all,
> I finally got Openswan 2.14 to work with Centos 5.5
> I know its older but the newer versions don't seem to run on Centos  
> 5.5 even though I compiled from source.
> My last step is DNS, how can I get name resolution to work so that  
> hosts via the IPSEC tunnel resolve w/o any special config in either my  
> hosts or resolv.conf files.
> Thanks in advance,
> - aurf 
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

Bob Miller
bob at computerisms.ca
Network, Internet, Server,
and Open Source Solutions

More information about the Users mailing list