OpenVPN DNS NETBIOS resolution / push issues

[woter]

Hi,

I see this is a reoccurring topic, however, the posts I have found haven't managed to resolve my issues.

Currently, I can resolve the FQDN of nodes on exported networks, however, I would like to be able to resolve hostnames without the need to enter the domain name.

I know I can set the domain suffix on the VPN NIC (adapter) on the client, but I don't think I should need to do this manually. I know OpenVPN supports this, however, I don't know if the Untangle implementation has disabled the functionality.

I have tried setting the default group settings to:

• Push DNS server: custom
• Push DNS custom 1: 192.168.60.5 (IP of Windows DNS server)
• Push DNS domain: domain.local

I have deleted and regenerated the Remote Client's config many times (although these are server-side settings, so I don't think I need to do this).

I have also tried setting extra push commands under Advanced from the OpenVPN documentation:

push	"ip-win32 dynamic"
push	"dhcp-option DOMAIN domain.local"
push	"dhcp-option DNS 192.168.60.5"

If I run ipconfig /all, I would expect to see:

• Connection-specific DNS Suffix : domain.local
• DNS Servers: 192.168.60.5

At the moment, I have only seen a series of IPv6 IPs.

I have also made sure the domain name of the Untangle appliance (Config > Network > Hostname) is set to domain.local.

I read (in a very old post) that I need to have Untangle's DNS configured properly before creating the Remote Client. Under Config > Network > DNS Server > Domain DNS Servers, I have the entry domain.local = 192.168.60.5, which I have had set for a long time.

I am sure this should work, but it's beating me. If anyone could lend some inspiration, I'd be very grateful.

T.I.A

[sky-knight]

It sounds to me like you've gone too far. I'm going to suggest you nuke the OpenVPN module and reinstall it to get back to defaults. (If you're confident you can undo anything in the advanced tab you can skip this step, just get that tab back to default)

The settings to push dns are under the server tab in OpenVPN settings, on the groups subtab, edit the group the clients in question are assigned to. Tick the Push DNS box, define a push dns server, and domain.

That's it... clients don't need regenerated, they will on connect get the DNS details in question.

The last thing I'll check is which OpenVPN client? Because I've had this problem with OpenVPN connect, so I only use the Community client.

[woter]

Hi,

Thank you again @sky-knight. I did as you suggested and uninstalled the Open VPN "app" on the Untangle appliance, reinstalled reconfigured, generated a new client profile, copied the profile to the client PC and same problem. No NETBIOS name resolution on the client.

Uninstalled the OpenVPN "Connect" client app on the client PC, rebooted, installed the OpenVPN "Community" client app and BOOM. Everything is working. I see the expected values in the output of ipconfig /all and I can ping / nslookup against my domain controller.

Is this a bug with OpenVPN Connect or the way OpenVPN interprets the configuration generated by Untangle?

Thanks again.

[sky-knight]

I'm honestly not sure, but given the two clients are supposed to be able to use the same configuration files I'm assuming it's a problem with the relatively new Connect client.

It might be something else though, information on this topic is hard to find. That comes along with a company "OpenVPN" making the monumentally stupid move of naming a product after a single English word that's in context to what it does. "Connect".

You cannot search for OpenVPN Connect and get things limited to that product scope. OpenVPN Connect has an iOS forum, and an Android forum but not a Windows forum.

It looks pretty, but I assume the thing needs to cook. I'll stick with the community client for the foreseeable future.