[clug-talk] VPN name resolution question

Cody Swanson mailinglists at sysop.ca
Tue Apr 7 19:45:40 PDT 2009


If you're just dealing with something that can be tunneled through a
SOCKS5 proxy it's quite solvable with ssh. I've recently dumped my home
VPN server for a much simpler solution using ssh socks mode (ssh -D 8080
username at host.ca). Firefox has an option that's enabled through
about:config called network.proxy.socks_remote_dns which when set to
true enables DNS resolution through the socks5 proxy, which means that
when I've got the proxy enabled all my browser's traffic is going
through ssh. Then by adding the quickproxy plugin to firefox I'm able to
toggle my traffic through my ssh socks proxy with the click of a mouse.
It has been working quite well for me, ssh is a lot easier to setup and
maintain than a vpn.

I believe the remote resolvers problem has also been solved in openvpn
but it's been a few years since I've used it.

Shawn wrote:
> Royce's question regarding name resolution triggered a neuron for me...
>
> When I establish a VPN connection to a remote network, I need name
> resolution to work for servers there.  At the moment the only way to
> do this seems to be to change my /etc/resolv.conf file to use their
> nameserver.  But that means that all name requests are now going
> through their network - even for things that have nothing to do with
> their network.
>
> I have set up a script to establish the VPN connection, backup my
> resolv.conf file and replace it with one that has the remote name
> server.  But there's probably a better way.
>
> Any tips?
>
> Shawn
>
> _______________________________________________
> clug-talk mailing list
> clug-talk at clug.ca
> http://clug.ca/mailman/listinfo/clug-talk_clug.ca
> Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
> **Please remove these lines when replying
>




More information about the clug-talk mailing list