[solved, this time for good] openvpn dns issue

v43 · 2011-02-09 22:41:51

i guys! i'm having some trouble connecting to the university vpn.

i installed and configured openpvn as said here in the wiki https://wiki.archlinux.org/index.php/OpenVPN
i installed openresolv too and it seems to work.
the configuration file provided by the school is ok and it works well with windows openvpn-gui.

the problem lies in the script for openresolv given in the wiki. it doesn't work for me... these are the output of openvpn at the point it loads it:

Wed Feb  9 23:28:37 2011 SENT CONTROL [openvpn.unive.it]: 'PUSH_REQUEST' (status=1)
Wed Feb  9 23:28:37 2011 PUSH: Received control message: 'PUSH_REPLY,route-gateway 157.138.76.1,redirect-gateway,dhcp-option DNS 157.138.1.8,ping 5,ping-restart 60,ifconfig 157.138.76.100 255.255.255.0'
Wed Feb  9 23:28:37 2011 OPTIONS IMPORT: timers and/or timeouts modified
Wed Feb  9 23:28:37 2011 OPTIONS IMPORT: --ifconfig/up options modified
Wed Feb  9 23:28:37 2011 OPTIONS IMPORT: route options modified
Wed Feb  9 23:28:37 2011 OPTIONS IMPORT: route-related options modified
Wed Feb  9 23:28:37 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Feb  9 23:28:37 2011 ROUTE default_gateway=192.168.1.1
Wed Feb  9 23:28:37 2011 TUN/TAP device tap0 opened
Wed Feb  9 23:28:37 2011 TUN/TAP TX queue length set to 100
Wed Feb  9 23:28:37 2011 /sbin/ifconfig tap0 157.138.76.100 netmask 255.255.255.0 mtu 1500 broadcast 157.138.76.255
Wed Feb  9 23:28:37 2011 /usr/share/openvpn/update-resolv-conf tap0 1500 1576 157.138.76.100 255.255.255.0 init
Wed Feb  9 23:28:37 2011 script failed: could not execute external program
Wed Feb  9 23:28:37 2011 Exiting

you can find the openresolve script at the bottom of the openvpn article in the wiki.
should i edit it someway?? what about that "foreign_option"? i don't get it

if i try to connect to the vpn avoiding the script it works, i can connect to the ssh servers of the school, but i can't browse the internet, as the dns aren't set properly.

Last edited by v43 (2011-02-11 18:53:01)

v43 · 2011-02-09 23:32:38

making the resolv.conf a link, as suggested here http://blog.rayfoo.info/2009/11/openvpn … esolv-conf
didn't help

andersonmanly · 2011-02-10 04:15:30

Do you have the program "/sbin/resolvconf" intsalled?

v43 · 2011-02-10 10:10:28

well, it's in /usr/sbin/resolvconf
i tried linking it to /sbin/resolvconf but had no luck

btw, i think openresolv is working fine, as the header of /etc/resolv.conf states: generated by resolvconf. so i think the problem lies in the up/down script

v43 · 2011-02-10 10:24:37

ok... now i feel dumb. i've been searching for a solution to this problem for days.
now i realize i just forgot to make the damn script executable!! it's working now.
thank you

i want to add a memo to make the script executable in the wiki page, but i found out i can't log in.
why aren't forum and wiki credentials merged?

Last edited by v43 (2011-02-10 10:29:07)

v43 · 2011-02-11 11:59:52

well, i had the occasion to test this thoroughly, connecting to the school wifi, and still it doesn't work. the internet browser just shows the not-so-welcome page of the school intranet. openvpn reports no errors or anything. ssh works. it worked connecting from home..
i connect to the network via wifi, using wicd and a dhcp setup. the dns in resolv.conf are changed accordingly when i connect. they are NOT changed again when i connect to the vpn. is that right?
i cant figure why it worked from home (and i'm sure i was in the vpn)..
any hints?

EDIT: it works disabling the openresolv script. the dns in resolv.conf are always the same!! damn this is nonsense!

Last edited by v43 (2011-02-11 12:45:18)

v43 · 2011-02-11 18:52:34

so this is what i did:
- uninstall openresolve.
- put the google dns address in /etc/resolv.conf.tail
- add a script to backup /etc/resolve.conf before the vpn session is established and restore it when it finishes.

problem solved, no matter what dhcpd or openvpn do to that file.

Last edited by v43 (2011-02-11 18:55:08)

Arch Linux

#1 2011-02-09 22:41:51

[solved, this time for good] openvpn dns issue

#2 2011-02-09 23:32:38

Re: [solved, this time for good] openvpn dns issue

#3 2011-02-10 04:15:30

Re: [solved, this time for good] openvpn dns issue

#4 2011-02-10 10:10:28

Re: [solved, this time for good] openvpn dns issue

#5 2011-02-10 10:24:37

Re: [solved, this time for good] openvpn dns issue

#6 2011-02-11 11:59:52

Re: [solved, this time for good] openvpn dns issue

#7 2011-02-11 18:52:34

Re: [solved, this time for good] openvpn dns issue

Board footer