[ale] HomeVPN

Brian MacLeod nym.bnm at gmail.com
Tue Nov 13 16:47:35 EST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 11/13/12 1:47 PM, Robert L. Harris wrote:
> 
> Here are my current configs with the suggestions above.  One thing 
> i would like to figure out is how to have my clients hit my 
> resolvers for my home domain but not for everything since my work 
> network has it's own for internal machines.


Hmm.  I don't believe you can do this without a LOT of hacking.
Basically, re-populate a hosts file upon successful connection.

Pushing altered DHCP options for name service will either not work
(since OpenVPN uses a Microsoft-ism here), or will work to overwrite
the clients' current name resolution scheme. There is not, to my
recollection, a way to convince the resolver to treat names
differently otherwise.

The only other way this works is if you can tell the clients' upstream
DNS provider to point to addresses that make sense for your VPN
connection.  If you could do that, you also wouldn't need to ask the
question :-) You'd have all the pieces to do this in a much cleaner
way in the first place.

bnm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQE4BAEBCAAiBQJQor/3Gxhoa3A6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbQAKCRD5
XCJY/q4Y6KfTB/kB1nw27PY+x4GowHgGV4+x3qCAXpOGm8g4zBtU5hvGVH0tU5xP
aDC1nNlNslGhRKh8DG70AgmnVeLR0o/3t1DNg0p1L3FPTbFKlyQXDHxiwT42yThl
mSvu6lB7P500hpT1Qrs9R2qvK8Ef8+HEzRUkkkKLfBpjAdJ3NWiIXwBQNPllI3rg
be3w2j0sTCRR1iV7/AHVaXWlXerpzOHIA60r7EObS/2HlRoTkiz6Kwvi/UUZRcaR
opKuMN82ibSrQ3bl43DrzF1LFH4HddTbuHau0YM8rcqn2ujpnItsUwGWbm5YygKb
GWr2Jw+NSHpxqGQryqVvDijR0KqhnOi4EOdo
=uufy
-----END PGP SIGNATURE-----


More information about the Ale mailing list