I'm trying to set up a small VPN network using OpenVPN which will allow me to connect to my workstation in the office from home.
I've already set up the OpenVPN server and generated keys and client config files. Everything works: I can connect to my work machine in the office from home via RDP, but there is one issue - DNS names for local resources cannot be resolved when the work PC is connected to my VPN:
C:\Users\user>nslookup jira.corporate_domain.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.54.11
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
C:\Users\user>nslookup google.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.54.11
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
C:\Users\user>nslookup google.com 8.8.8.8
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: google.com
Addresses: 2607:f8b0:4008:808::200e
216.58.219.142
I've added our local DNS server to the client config file and also added a static route for it, but it doesn't work. Here are the current settings on the client:
Client PC OS: Windows 10
client_config.ovpn:
client
nobind
dev tun
key-direction 1
remote-cert-tls server
remote vpn.dns_name_of_my_server.ru 443 tcp
http-proxy proxy.corporate_dns_name.com 3129
dhcp-option DNS 192.168.54.11
route 192.168.54.11 255.255.255.255 192.168.37.1
route 192.168.70.11 255.255.255.255 192.168.37.1
ipconfig /all on the client:
C:\Users\user>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : S0003445
Primary Dns Suffix . . . . . . . : ad.corporate_domain.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ad.corporate_domain.com
Ethernet adapter Ethernet 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Windows Adapter V9
Physical Address. . . . . . . . . : 00-FF-B6-98-50-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::cd6:8fec:5f45:9f4f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.255.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Lease Obtained. . . . . . . . . . : 30 сентября 2016 г. 17:23:51
Lease Expires . . . . . . . . . . : 30 сентября 2017 г. 17:23:50
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.255.5
DHCPv6 IAID . . . . . . . . . . . : 369164214
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-ED-10-9F-10-C3-7B-4C-A0-FA
DNS Servers . . . . . . . . . . . : 192.168.54.11
8.8.8.8
8.8.4.4
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . : ad.corporate_domain.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 10-C3-7B-4C-A0-FA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1c57:9c8c:64b2:1aeb%5(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.37.106(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 29 сентября 2016 г. 11:04:00
Lease Expires . . . . . . . . . . : 7 октября 2016 г. 11:03:57
Default Gateway . . . . . . . . . : 192.168.37.1
DHCP Server . . . . . . . . . . . : 192.168.70.21
DHCPv6 IAID . . . . . . . . . . . : 51430267
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-ED-10-9F-10-C3-7B-4C-A0-FA
DNS Servers . . . . . . . . . . . : 192.168.70.11
192.168.54.11
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VirtualBox Host-Only Network:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-34-4C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8cd8:5f1d:f24f:fc95%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 201850919
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-ED-10-9F-10-C3-7B-4C-A0-FA
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VirtualBox Host-Only Network #2:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter #2
Physical Address. . . . . . . . . : 08-00-27-00-F8-A8
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e0b9:a45e:e853:1456%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.99.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 285736999
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-ED-10-9F-10-C3-7B-4C-A0-FA
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{E1337BD8-BE7B-4699-B5B6-6404A1995408}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.ad.sperasoft.com:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ad.sperasoft.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{B6985062-CC79-4BE2-9963-92484A01C1D6}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{9CB069EA-424F-4D8A-AE63-43372ED9F0BF}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
The local DNS server is reachable via ping:
C:\Users\user>ping 192.168.54.11
Pinging 192.168.54.11 with 32 bytes of data:
Reply from 192.168.54.11: bytes=32 time=41ms TTL=126
Reply from 192.168.54.11: bytes=32 time=41ms TTL=126
Reply from 192.168.54.11: bytes=32 time=42ms TTL=126
Reply from 192.168.54.11: bytes=32 time=40ms TTL=126
Ping statistics for 192.168.54.11:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 42ms, Average = 41ms
The static route to it is also working fine, judging by tracert:
C:\Users\user>tracert 192.168.54.11
Tracing route to 192.168.54.11 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms 192.168.37.1
2 40 ms 39 ms 39 ms 192.168.50.2
3 44 ms 40 ms 40 ms 192.168.54.11
Trace complete.
What am I missing?