



89 posts

Master Geek


#261391 25-Nov-2019 11:58

Posted about this a while ago, but have done more testing and gotten a few things working, so re-posting to see if I can get help again.

 

I have an OpenVPN server running at home; clients can connect fine and can get out to the internet / internal network servers (web server).

 

However when I put my Local DNS server as the DNS for the VPN clients, it fails.

 

I've tried to do a tracert from a VPN client to the server and it times out at the VPN server,
where a tracert from my client to a web server goes through fine.

 

I'm a little lost as to what's going on now, so any help would be appreciated.

 

 

 

Network setup

 

Vlan 99 - DNS 192.168.99.40
Vlan 100 - VPN 10.10.100.2

 

VPN Tunnel 10.10.101.1 

 

Vlan 4 - Web Server 192.168.4.200

 

 

 

C:\Users\user>tracert 192.168.4.200
Tracing route to 192.168.4.200 over a maximum of 30 hops
  1    36 ms    21 ms    27 ms  10.10.101.1
  2    23 ms    25 ms    23 ms  10.10.100.1
  3    24 ms    25 ms    22 ms  192.168.4.200

 

C:\Users\user>tracert 192.168.99.40
Tracing route to 192.168.99.40 over a maximum of 30 hops
  1    22 ms    22 ms    22 ms  10.10.101.1
  2     *        *        *     Request timed out.
........
 30    *        *        *     Request timed out.


541 posts

Ultimate Geek


  #2360729 26-Nov-2019 00:39

That could be a firewall issue.  Do you allow port 53 between OpenVPN on VLAN 100 and the DNS server on VLAN 99?  Do you log dropped packets in your router?  If so, check the logs to see why the DNS packets are being dropped.




89 posts

Master Geek


  #2360765 26-Nov-2019 08:54

Managed to solve it

 

I had a management interface on the same vlan and subnet as my dns

 

For some reason when I was sending DNS requests it was attempting to use that interface rather than my "internet" interface, and was failing (not sure why as it was on the same network?).

 

Added a static route to push any requests to my DNS down the other interface to be routed through the router back to my DNS.
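
The route selection behind this fix, as an added example that is not part of the thread: a longest-prefix-match lookup over a constructed routing table for the VPN server, before and after the static route. Addresses come from the posts; the /24 prefix lengths, the interface names (lan0, mgmt0, tun0) and the use of 10.10.100.1 as the static route's gateway are assumptions.

```python
import ipaddress

def lookup(table, dst):
    """Return the route entry that longest-prefix match selects for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    # The most specific (longest) matching prefix wins, as in a kernel routing table.
    return max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)

def egress(table, dst):
    """Return (interface, gateway) used to forward dst; gateway None = on-link."""
    route = lookup(table, dst)
    return (route[1], route[2]) if route else None

# Constructed table for the VPN server (10.10.100.2) before the fix.
# Prefix lengths and interface names are assumptions, not from the thread.
BEFORE = [
    ("0.0.0.0/0",       "lan0",  "10.10.100.1"),  # default route via the router
    ("10.10.100.0/24",  "lan0",  None),           # connected: VLAN 100
    ("10.10.101.0/24",  "tun0",  None),           # connected: VPN tunnel
    ("192.168.99.0/24", "mgmt0", None),           # connected: management interface on VLAN 99
]

# The fix from the thread: a host route for the DNS server via the router.
AFTER = BEFORE + [("192.168.99.40/32", "lan0", "10.10.100.1")]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        for dst in ("192.168.4.200", "192.168.99.40"):
            print(f"{name:6} {dst:15} -> {egress(table, dst)}")
```

Before the fix the connected /24 on the management interface is more specific than the default route, so DNS-bound traffic leaves there instead of going to the router; the /32 host route is more specific still and overrides it for the DNS server only.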

