[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Freeswan Configuration
On Thu, Mar 21, 2002 at 02:27:02PM +1000, Bradley Marshall wrote:
> 4) DNS issues
>
> The best way to allow DNS resolution of machines in the office network
> is to run a local name server, and add the following to
> /etc/bind/named.conf. This will make any requests for the office DNS
> zones to be forwarded off to morris. Note this will only work when
> the VPN is up, for obvious reasons.
Note that this only works for the road warrior configuration. To
allow a DNS server that's on the freeswan end point in a subnet to
subnet configuration to see these zones, you need to add the following
to your named.conf options{} section:
listen-on { 192.168.25.1; 127.0.0.1; };
query-source address 192.168.25.1 port *;
where 192.168.25.1 is the ip of the local ethernet device. This will
force any queries going out to use the local address, rather than
INADDR_ANY.
Thanks,
Brad
--
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
|Brad Marshall | Plugged In Software|
|Senior Systems Administrator | http://www.pisoftware.com|
|mailto:bmarshal@pisoftware.com | GPG Key Id: 47951BD0 / 1024b|
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+
Fingerprint: BAE3 4794 E627 2EAF 7EC0 4763 7884 4BE8 4795 1BD0