[strongSwan] Nameservers over ikev2
julian.poschmann at rwth-aachen.de
Fri Jul 1 13:19:31 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
is it possible to set the dns servers that are pushed to the client
seperatly for each conn entry in ipsec.conf?
I'm setting up a gateway to connect external users via internet and also
users from a neighbouring house via ethernet connection (which is to be
secured by ipsec).
Users from the neighbouring house should get all their traffic routed
through the vpn and use the internal dns (which is the only one they can
reach) for internet access.
External users on the other hand are only able to access the internal
net, but not the internal internet connection. So they should use their
isp's nameserver instead.
While using the internal nameserver works also for external users, it
would be nice, if their dns requests/replies wouldn't use the internal
I've only seen the dns1/2 options in strongswan.conf so far, which
define servers for all connections.
Telefon: +49 170 3295135
E-Mail: julian.poshmannn at rwth-aachen.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
-----END PGP SIGNATURE-----
More information about the Users