OpenVPN Hostname

[merovingi0]

Hi, I wanted to ask some information about open vpn.

I have two asus with the Merlin firmware. One is the openvpn server and one is the client. Through ip everything works perfectly, if I try to reach the PC by name they are not seen. But it works if I connect from the android phone with the open vpn application I can ping or connect to remote desktop on the PC even using the name. Do you have any advice?

 

[ColinTaylor]

Check the setting of "Accept DNS Configuration" on the VPN client.

 

[merovingi0]

I attach the client configuration here

 

[merovingi0]

here the server config

 

[ColinTaylor]

Try doing two nslookup's on the client PC. One with a short hostname (of a device on the server's LAN) and the other with a fully qualified domain name.

 

[waeking]

you need to include dnsmasq.conf.add https://github.com/RMerl/asuswrt-merlin/wiki/Custom-domains-with-dnsmasq... Then add the server=/ you need to do this on both routers to point at each other.

 

[merovingi0]

I reopen the post. I attach the current configuration of the vpn, if i use this with a pc client, it is able to ping the hostname of any pc on the vpn, but if a i am under another Asus (with the client config inside in the Asus) i am not able to ping the hostname of the vpn.

i don't understand for the dnsmasq.conf.add mentioned from waeking

 

[merovingi0]

you need to include dnsmasq.conf.add https://github.com/RMerl/asuswrt-merlin/wiki/Custom-domains-with-dnsmasq... Then add the server=/ you need to do this on both routers to point at each other.

i don't undestand when you say "add the server=/"

My configuration is
AsusWrt 192.168.22.1 OPEN VPN SERVER AND DNS SERVER for the lan 192.168.22.x
AsusWrt 192.168.14.1 OPEN VPN CLIENT AND DNS SERVER for the lan 192.168.14.x

do i have to enter this?:
insert in the dnsmasq.conf.add of 192.168.22.1 this command: server=/192.168.14.1
insert in the dnsmasq.conf.add of 192.168.14.1 this command: server=/192.168.22.1

EDIT: i think that the command is
server=/casa.lan/192.168.22.1 for the 192.168.14.1 AsusWrt
server=/casa.lan/192.168.14.1 for the 192.168.22.1 AsusWrt

but don't work

 

[eibgrad]

EDIT: i think that the command is
server=/casa.lan/192.168.22.1 for the 192.168.14.1 AsusWrt
server=/casa.lan/192.168.14.1 for the 192.168.22.1 AsusWrt

but don't work

The problem w/ this is that you're using the same domain name on both sides of the tunnel. That's like having the same IP network on both sides of the tunnel. It creates ambiguity as to which side of the tunnel is actually supporting the specified domain name. Each side of the tunnel needs its own unique domain name.

server=/micasa.lan/192.168.22.1 for the 192.168.14.1 AsusWrt
server=/sucasa.lan/192.168.14.1 for the 192.168.22.1 AsusWrt

 

[ColinTaylor]

i don't understand for the dnsmasq.conf.add mentioned from waeking

In addition to what @eibgrad said, you do not need to make any changes to dnsmasq unless the connection is intended to be permanent.

Just make sure that each router has a different domain set at LAN > DHCP Server > Domain Name. The VPN server can then "push" this domain's DNS server to the client. That is all that is required for a non-permanent connection.

 

[merovingi0]

it doesn't work.
This is my config:

The first is the DHCP configuration of the OVPN Client, the second is the DHCP configuration of the OVPN SERVER, the third is the configuration of the OVPN SERVER.

Whit this configuration, if i'll use the open vpn client installed on a pc, i can ping all ip or hostname of the lan of the openvpn server, but if i use like a client the Asus wrt, i can only ping the ip address, i can ping the hostname only if i add casa.lan. Example
ping server.casa.lan.

i've tried to edit the dns masq for each router with this:

server=/casa.lan/192.168.22.1 for the 192.168.14.1 AsusWrt
server=/shop.lan/192.168.14.1 for the 192.168.22.1 AsusWrt

but doesn't work.

 

[ColinTaylor]

i can ping the hostname only if i add casa.lan. Example
ping server.casa.lan.

Sorry, I thought this is what you wanted. Is it really that much of an inconvenience to add the domain name?

To make short names work for both domains you would have to change the DNS suffix search list on each of the PCs.

 

[Martineau]

it doesn't work.
This is my config:

The first is the DHCP configuration of the OVPN Client, the second is the DHCP configuration of the OVPN SERVER, the third is the configuration of the OVPN SERVER.

Whit this configuration, if i'll use the open vpn client installed on a pc, i can ping all ip or hostname of the lan of the openvpn server, but if i use like a client the Asus wrt, i can only ping the ip address, i can ping the hostname only if i add casa.lan. Example
ping server.casa.lan.

i've tried to edit the dns masq for each router with this:

server=/casa.lan/192.168.22.1 for the 192.168.14.1 AsusWrt
server=/shop.lan/192.168.14.1 for the 192.168.22.1 AsusWrt

but doesn't work.

I would remove the two statements from 'dnsmasq.conf.add', then restart dnsmasq

I believe by default (since v384.9), the firmware will now automatically include whatever you have chosen for your "Nome dominio RT-AC87U=casa.lan"

push "dhcp-option DOMAIN casa.lan"

so I would comment out both of your 'push "dhcp-option DOMAIN"' statements in the Custom Configuration GUI.

then retest

e.g. When I connect to my OpenVPN server, the phone shows in its OpenVPN log:

DNS server 10.88.8.1,Domain:aaaaaaaaaa.bbbb

and using the Android PING App, the remote domain name is correctly appended to the target

ping ds-416

64 bytes from DS-416.aaaaaaaaaa.bbbb

 

[merovingi0]

if i use a client (like android, or a windows pc with open vpn installed) it is ok.
if i use an Asus as a client it doesn't work