[Openswan Users] DNS through VPN

Willie Gillespie wgillespie+openswan at es2eng.com
Tue Feb 8 18:43:59 EST 2011


On 02/08/2011 02:51 PM, Alex wrote:
> Hi,
>
>>> I suppose this isn't a VPN question directly, but how do I configure
>>> DNS for a domain that's behind the VPN on one side or the other? Would
>>> a slave zone restricted to just clients of a particular IP range be
>>> the best approach?
>>>
>>> In other words, I have a 192.168.1.0/24 behind the net-to-net openswan
>>> gateway on one side, and 192.168.6.0/24 behind the net-to-net openswan
>>> gateway on the other side, and would like to have both sides be able
>>> to resolve hosts from the other side.
>>
>> Do you have a DNS server on each side?  What forward lookup zones are they
>> (each) responsible for?
>
> Yes, I should have mentioned that there is a DNS server on one side
> that is publicly accessible and a DNS server for the internal
> network on the other VPN server which is also the gateway for the
> 192.168.1.0 network.

Well, what you could potentially do is create a forwarder on both DNS 
servers that just points to the other DNS server.

So your DNS server on 192.168.1.x could have a forwarder for 
branch-office-6.example.com that goes to 192.168.6.x and vice-versa. 
You'd probably also want to forward 6.168.192.in-addr.arpa to the same 
server.
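
The forwarder setup described above, written out for the DNS server on the 192.168.1.0/24 side as an added example that is not part of the original post. It assumes BIND 9 (the thread does not name the DNS software) and uses 192.168.6.53 as a constructed stand-in for the post's "192.168.6.x"; the mirror-image fragment goes on the other server.

```bind
// named.conf fragment, 192.168.1.0/24 side (BIND 9 assumed, not stated in the thread).
// 192.168.6.53 is a constructed placeholder for the remote DNS server "192.168.6.x".

// Only the two networks joined by the tunnel may query or recurse here.
acl "vpn-nets" { 127.0.0.1; 192.168.1.0/24; 192.168.6.0/24; };

options {
    // Merge these into the existing options block.
    allow-query     { "vpn-nets"; };
    allow-recursion { "vpn-nets"; };

    // BIND's built-in empty zone for 168.192.in-addr.arpa would otherwise
    // answer the remote subnet's PTR queries itself.
    disable-empty-zone "168.192.IN-ADDR.ARPA";
};

// Forward lookups for the remote office go to its DNS server over the tunnel.
zone "branch-office-6.example.com" {
    type forward;
    forward only;                  // if the tunnel is down, fail; do not ask public DNS
    forwarders { 192.168.6.53; };
};

// Reverse lookups for 192.168.6.0/24 go to the same server.
zone "6.168.192.in-addr.arpa" {
    type forward;
    forward only;
    forwarders { 192.168.6.53; };
};
```

With `forward only`, queries for the internal names are never retried against public resolvers when the tunnel is down, so internal hostnames do not leak outside the VPN.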

