resources inacessible : mode routing or bridging ?

[hello_kitty]

Hello,

I installed and configured openvpn to the site to site. The vpn is mounted and I can ping the IP address of a machine's site A site from a machine B. However, I can not ping with the hostname or the FQDN.

A LAN <=> untangle (route) <=> internet <=> untangle (route) <=> LAN B

I have read and applied all that I see in the wiki and the forum but nothing works.

I want to know what mode openvpn site to site to install there? bridging or routing? I feel that it is in route! But the broadcast does not routing? Maybe this the problem? How to change the mode? in terminal ...

Can anyone help me? Should we add a rule in the FW to pass traffic on port 1194? and / or should we add a conditional forwarding in our internal DNS server that redirects to the domain name of the remote site? Nowhere is mentioned to do that but maybe he should do it anyway?

I thank you

[hlarsen]

if you can ping/access resources by IP, the tunnel works. have you tried this?

http://wiki.untangle.com/index.php/O...site_tunnel.3F

[sky-knight]

Site to Site VPN does nothing magic when it comes to DNS. So if you want the clients on the far side of the tunnel to use a DNS server in your main network, you need to configure the local DHCP server to pass out the appropriate DNS server information.

[hello_kitty]

hlarsen thanks but yes i have tried this yet.

[hello_kitty]

Site to Site VPN does nothing magic when it comes to DNS. So if you want the clients on the far side of the tunnel to use a DNS server in your main network, you need to configure the local DHCP server to pass out the appropriate DNS server information.

this step is not mentionned in the wiki ! i don't understand vey well ! how to do this ?

[sky-knight]

Yes it is mentioned in the wiki, and the specifics of "how to" are dependent on your network. Configuration of a DHCP service on another device is outside the scope of the Untangle forums.

If you have Untangle operating as the DHCP server on that remote network, we need a pile more detail about your configuration to assist you.

[hello_kitty]

I am not sure of any understanding.

In fact on each of the remote sites, I already have a DNS server and DHCP. what did you need other information such as? I have a DMZ in the site B.

one question: openvpn with untangle mode site to site let it go broascast arp requests? I think not because it is the routing mode is used? Can you confirm this?

thank you

[hello_kitty]

here is what I have in the Active Routes for each site in Untangle. See files attached

I find it strange the first line for site B. What do you think?


And when I do a tracert, I find it strange response

Site A: I go through a VPN interface not present in the routing table!
site B, I go through the interface that I find strange above

I do not understand anything and it comes in addition to resolve names !!!

[pazza3564]

This is all correct.

What the others were trying to say, was what are you using for dns at each site? Are you using Untangle, or a Microsoft Server for DNS.

What you will need to do, is in either one, go through manually adding dns entrys for the servers you require at the other site.

[hello_kitty]

in each site, i use a windows DNS Server. In the site A, it is windows 2003 DNS server ands in the site B it is a windows 2008 DNS server. The domain name in each site is different.

To try, I added in the dns seveur of my site A, a forwarder for the domain name of the site B with the LAN IP address of the DNS server of the site B. The same goes for site B. But it made no difference to my problem. I still can not ping a machine using its domain name on the remote site. I do not understand.

Should I change the rules in Packer Filter ? Should I add rules in the firewall for DNS traffic ?

I followed this tutorial and the link inside
http://forums.untangle.com/openvpn/8...tructions.html

do I restart untangle each amended to take into account changes?

Thanks