[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Freeswan Configuration

On Mon, Mar 25, 2002 at 01:23:08PM +1000, Bradley Marshall wrote:
> Note that this only works for the road warrior configuration.  To
> allow a DNS server that's on the freeswan end point in a subnet to
> subnet configuration to see these zones, you need to add the following
> to your named.conf options{} section:
>   listen-on {;; };
>   query-source address port *;
> where is the ip of the local ethernet device.  This will
> force any queries going out to use the local address, rather than

This is all well and good, apart from the fact that it breaks remote
name resolution.  To set this up properly, you need to create a VPN
from the client router to the office subnet.  See my reply message to
the explanation of the VPN setup at Dave and Berns place for an
example config.

|Brad Marshall                    |           Plugged In Software|
|Senior Systems Administrator     |     http://www.pisoftware.com|
|mailto:bmarshal@pisoftware.com   |  GPG Key Id: 47951BD0 / 1024b|
 Fingerprint:  BAE3 4794 E627 2EAF 7EC0  4763 7884 4BE8 4795 1BD0