Comments on: OpenVPN + DNS + OS X

By: merdely

merdely — Wed, 18 Feb 2009 15:21:53 +0000

You probably want to check with the actual OpenVPN group.

By: solarismania

solarismania — Wed, 18 Feb 2009 01:33:43 +0000

Thanks for info, but my openvpn connection usually drop about 1-2 hours (not stable connection). How to fix this ?

By: Troy Murray

Troy Murray — Thu, 09 Oct 2008 11:27:31 +0000

Try the Viscosity OpenVPN client for the Mac, works fantastically!
http://www.viscosityvpn.com/

By: DNS Utils

DNS Utils — Thu, 20 Mar 2008 13:20:09 +0000

For all your DNS needs. http://www.dns-utils.com

By: stephen

stephen — Fri, 08 Jun 2007 22:13:38 +0000

What about this scenario:

1. I’m using Tunnelblick to connect to the internet from another network. I’m using the DNS setting I received from my remote server connection rather than my local ISP to surf the net, etc.
2. I’m connecting on a Mac laptop OS 10.4.x using airport.
3. I’ve turned on sharing in the Preferences Pane….and I connect my Vonage box to it.
4. Vonage doesn’t work.

note: when I have the tunnel turned off, the vonage box connects to it’s server via the shared connection, but when I turn on the vpn tunnel, it can’t “find” it’s host server and forever tries to negotiate and “find” the server….

Is there something with the DNS settings that I need to do so that the Vonage box can resolve it’s host server and connect?

By: steve

steve — Mon, 12 Mar 2007 18:55:36 +0000

OK. I can confirm that this method:
http://openvpn.net/archive/openvpn-users/2006-10/msg00120.html

only seems to add 1 DNS to your table at a time.
upon connection to a simultaneous 2nd tunnel, the 1st tunnel’s DNS server gets replaced.

So… I think that if you only will connect to 1 tunnel at a time, this method is better in that you don’t have to hardcode any domain in your up.sh script.

but if you want more than one domain, adding them to OS X’s Search Domain GUI seems best

By: steve

steve — Mon, 12 Mar 2007 01:28:13 +0000

thanks mike… the Search Domains trick works perfectly for being able to access simultaneously more than 1 DNS server.

i also found another up script that works for me that i wanted to share for temporarily assigning a different VPN tunnel DNS:

http://openvpn.net/archive/openvpn-users/2006-10/msg00120.html

it pulls the DNS server from the VPN server config file’s push directive.
i havent yet tested whether i can simultaneously use tunnelblick to connect to 2 different VPNS with 2 different DNS servers.

By: mike

mike — Wed, 07 Mar 2007 23:20:29 +0000

Steve,

If you’re like me and really only care about two domains, you can go into your Network System Preferences and add a static domain search string. I have both my work domain and my home domain in there so that I can access resources with just the hostname.

System Preferences -> Network -> Built-in Ethernet or Airport -> Search Domains.
List them “domain1.net, domain2.net, …”

By: steve

steve — Wed, 07 Mar 2007 20:51:44 +0000

Mike
These scripts work great.
I just substituted the killall lookupd line for the flushcache and omitted the sleeps like you’ve done…

What would be the best way to temporarily change the machine’s own domain name during the connection to equal the new dns name?

I just want to access remote services in the same way as when at the remote site, so all my connect to server bookmarks would work, etc? ie:

ping hostname
instead of
ping hostname.domain.com

i tried manually changing it in/etc/resolv.conf and killall lookupd but it remains the same. i think a change of network settings might have to happen from the network gui but i want to integrate this into your script.

thanks!

By: mike

mike — Fri, 17 Nov 2006 16:20:50 +0000

I’ve been using Tunnelblick (actually as you describe with the “killall lookupd” instead of flushcache for exactly the reason you describe. It’s always worked in deleting my /etc/resolver/my.domain.com file.

So, I connected to a VPN endpoint and ran “ps -auxww | grep openvpn” and it’s running as root. My configuration file says “User nobody” so I’m not sure why.