For my usage I want a system compatible with multiple VPN tunnels.
On a TL-WR2543ND I built, installed and created an OpenVPN client tunnel under OpenWrt.
It works, but DNS won't return in my OpenWrt console or in a LAN client.
I see the request and response in tcpdump -i tun0 -n, but a simple
ping my.fqdn.org never works; ping ip.ad.dr.es works.
All I can see is my request and the DNS server response behind this tun0, but no more.
I am using up_down_script.sh from https://openwrt.org/docs/guide-user/services/vpn/openvpn/extra#dokuwiki__top (the "DNS and domain" chapter),
and all seems to work ... but without a DNS response in my SSH.
A client of the OpenWrt router can access, by SSH through the OpenVPN client session, all networks behind the OpenVPN server like a charm.
Business_lan <==> OpenvpnServer <==> Internet <==> Openwrt & openvpn client mode <==> client_lan
I found these commands and used them; the link is here: https://github.com/StreisandEffect/streisand/wiki/Setting-an-OpenWrt-Based-Router-as-OpenVPN-Client
changing "none" to "dhcp":

```
# a new network interface for tun:
uci set network.My_vpn_conf_name=interface
uci set network.My_vpn_conf_name.proto='dhcp'   # 'dhcp' instead of 'none'
uci set network.My_vpn_conf_name.ifname='tun0'

# a new firewall zone (for VPN):
uci add firewall zone
uci set firewall.@zone[-1].name='vpn'
uci set firewall.@zone[-1].input='REJECT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='REJECT'
uci set firewall.@zone[-1].masq='1'
uci set firewall.@zone[-1].mtu_fix='1'
uci add_list firewall.@zone[-1].network='My_vpn_conf_name'

# enable forwarding from LAN to VPN:
uci add firewall forwarding
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].dest='vpn'

# Finally, you should commit UCI changes:
uci commit
```
What was wrong?
ping my.fqdn.org never works
ping ip.ad.dr.es works
I can see the resolved DNS response with
tcpdump -i tun0 -n