Can't resolve internal/private DNS entries over VPN connection












1















I have a basic VPN setup that allows me to connect to my AWS VPC via an OpenVPN client (tunnelblick 3.5). There is an OpenVPN sever (Ubuntu 12.4) that is running in the VPC which creates the connection. The VPN works fine as i am able to ping any private IP address in my VPC. My problem is that I cannot ping any of my private/internal DNS entires that point to private IP addresses.



For example, I can ping the the private IP 10.10.10.10, but I can't ping the private DNS entry server.pvt.company.com, which points to 10.10.10.10.



If I SSH onto any instance in the VPC I can ping server.pvt.company.com, and it resolves to 10.10.10.10, but this fails to work on my local when the VPN connection is up.



Here is my OpenVPN server.conf:



port 1194
proto udp
dev tun
ca ca.crt
cert blah.crt
key blah.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.10.0.0 255.255.0.0"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log


Here is my OpenVPN client.conf:



client
dev tun
proto udp
remote blah.company.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert me.crt
key me.key
ns-cert-type server
comp-lzo
verb 3


Any suggestions for figuring out how to resolve or push private/internal DNS entires over an OpenVPN connection?










share|improve this question





























    1















    I have a basic VPN setup that allows me to connect to my AWS VPC via an OpenVPN client (tunnelblick 3.5). There is an OpenVPN sever (Ubuntu 12.4) that is running in the VPC which creates the connection. The VPN works fine as i am able to ping any private IP address in my VPC. My problem is that I cannot ping any of my private/internal DNS entires that point to private IP addresses.



    For example, I can ping the the private IP 10.10.10.10, but I can't ping the private DNS entry server.pvt.company.com, which points to 10.10.10.10.



    If I SSH onto any instance in the VPC I can ping server.pvt.company.com, and it resolves to 10.10.10.10, but this fails to work on my local when the VPN connection is up.



    Here is my OpenVPN server.conf:



    port 1194
    proto udp
    dev tun
    ca ca.crt
    cert blah.crt
    key blah.key
    dh dh1024.pem
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    push "route 10.10.0.0 255.255.0.0"
    push "dhcp-option DNS 8.8.8.8"
    push "dhcp-option DNS 8.8.4.4"
    keepalive 10 120
    comp-lzo
    persist-key
    persist-tun
    status openvpn-status.log


    Here is my OpenVPN client.conf:



    client
    dev tun
    proto udp
    remote blah.company.com 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert me.crt
    key me.key
    ns-cert-type server
    comp-lzo
    verb 3


    Any suggestions for figuring out how to resolve or push private/internal DNS entires over an OpenVPN connection?










    share|improve this question



























      1












      1








      1








      I have a basic VPN setup that allows me to connect to my AWS VPC via an OpenVPN client (tunnelblick 3.5). There is an OpenVPN sever (Ubuntu 12.4) that is running in the VPC which creates the connection. The VPN works fine as i am able to ping any private IP address in my VPC. My problem is that I cannot ping any of my private/internal DNS entires that point to private IP addresses.



      For example, I can ping the the private IP 10.10.10.10, but I can't ping the private DNS entry server.pvt.company.com, which points to 10.10.10.10.



      If I SSH onto any instance in the VPC I can ping server.pvt.company.com, and it resolves to 10.10.10.10, but this fails to work on my local when the VPN connection is up.



      Here is my OpenVPN server.conf:



      port 1194
      proto udp
      dev tun
      ca ca.crt
      cert blah.crt
      key blah.key
      dh dh1024.pem
      server 10.8.0.0 255.255.255.0
      ifconfig-pool-persist ipp.txt
      push "route 10.10.0.0 255.255.0.0"
      push "dhcp-option DNS 8.8.8.8"
      push "dhcp-option DNS 8.8.4.4"
      keepalive 10 120
      comp-lzo
      persist-key
      persist-tun
      status openvpn-status.log


      Here is my OpenVPN client.conf:



      client
      dev tun
      proto udp
      remote blah.company.com 1194
      resolv-retry infinite
      nobind
      persist-key
      persist-tun
      ca ca.crt
      cert me.crt
      key me.key
      ns-cert-type server
      comp-lzo
      verb 3


      Any suggestions for figuring out how to resolve or push private/internal DNS entires over an OpenVPN connection?










      share|improve this question
















      I have a basic VPN setup that allows me to connect to my AWS VPC via an OpenVPN client (tunnelblick 3.5). There is an OpenVPN sever (Ubuntu 12.4) that is running in the VPC which creates the connection. The VPN works fine as i am able to ping any private IP address in my VPC. My problem is that I cannot ping any of my private/internal DNS entires that point to private IP addresses.



      For example, I can ping the the private IP 10.10.10.10, but I can't ping the private DNS entry server.pvt.company.com, which points to 10.10.10.10.



      If I SSH onto any instance in the VPC I can ping server.pvt.company.com, and it resolves to 10.10.10.10, but this fails to work on my local when the VPN connection is up.



      Here is my OpenVPN server.conf:



      port 1194
      proto udp
      dev tun
      ca ca.crt
      cert blah.crt
      key blah.key
      dh dh1024.pem
      server 10.8.0.0 255.255.255.0
      ifconfig-pool-persist ipp.txt
      push "route 10.10.0.0 255.255.0.0"
      push "dhcp-option DNS 8.8.8.8"
      push "dhcp-option DNS 8.8.4.4"
      keepalive 10 120
      comp-lzo
      persist-key
      persist-tun
      status openvpn-status.log


      Here is my OpenVPN client.conf:



      client
      dev tun
      proto udp
      remote blah.company.com 1194
      resolv-retry infinite
      nobind
      persist-key
      persist-tun
      ca ca.crt
      cert me.crt
      key me.key
      ns-cert-type server
      comp-lzo
      verb 3


      Any suggestions for figuring out how to resolve or push private/internal DNS entires over an OpenVPN connection?







      networking vpn dns openvpn






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jan 28 '15 at 15:48









      heavyd

      50.5k12123156




      50.5k12123156










      asked Jan 28 '15 at 15:34









      bwoodr01bwoodr01

      8113




      8113






















          1 Answer
          1






          active

          oldest

          votes


















          3














          Your server is pushing the Google DNS servers to the client:



          push "dhcp-option DNS 8.8.8.8"
          push "dhcp-option DNS 8.8.4.4"


          You'll want to push a local DNS server that knows how to resolve your local hostnames instead.






          share|improve this answer



















          • 1





            thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

            – bwoodr01
            Feb 2 '15 at 16:12













          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f870656%2fcant-resolve-internal-private-dns-entries-over-vpn-connection%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          3














          Your server is pushing the Google DNS servers to the client:



          push "dhcp-option DNS 8.8.8.8"
          push "dhcp-option DNS 8.8.4.4"


          You'll want to push a local DNS server that knows how to resolve your local hostnames instead.






          share|improve this answer



















          • 1





            thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

            – bwoodr01
            Feb 2 '15 at 16:12


















          3














          Your server is pushing the Google DNS servers to the client:



          push "dhcp-option DNS 8.8.8.8"
          push "dhcp-option DNS 8.8.4.4"


          You'll want to push a local DNS server that knows how to resolve your local hostnames instead.






          share|improve this answer



















          • 1





            thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

            – bwoodr01
            Feb 2 '15 at 16:12
















          3












          3








          3







          Your server is pushing the Google DNS servers to the client:



          push "dhcp-option DNS 8.8.8.8"
          push "dhcp-option DNS 8.8.4.4"


          You'll want to push a local DNS server that knows how to resolve your local hostnames instead.






          share|improve this answer













          Your server is pushing the Google DNS servers to the client:



          push "dhcp-option DNS 8.8.8.8"
          push "dhcp-option DNS 8.8.4.4"


          You'll want to push a local DNS server that knows how to resolve your local hostnames instead.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Jan 28 '15 at 15:49









          heavydheavyd

          50.5k12123156




          50.5k12123156








          • 1





            thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

            – bwoodr01
            Feb 2 '15 at 16:12
















          • 1





            thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

            – bwoodr01
            Feb 2 '15 at 16:12










          1




          1





          thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

          – bwoodr01
          Feb 2 '15 at 16:12







          thanks @heavyd! I added push "route 169.254.169.253" and push "dhcp-option DNS 169.254.169.253" to my openvpn server.conf and i can now resolve private dns entries over vpn. I used 169.254.169.253 as my local dns servers b/c according to aws documentation that is the ip for aws dns server docs.aws.amazon.com/AmazonVPC/latest/UserGuide/…

          – bwoodr01
          Feb 2 '15 at 16:12




















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f870656%2fcant-resolve-internal-private-dns-entries-over-vpn-connection%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Сан-Квентин

          8-я гвардейская общевойсковая армия

          Алькесар