[strongSwan] Nameservers over ikev2
Julian Poschmann
julian.poschmann at rwth-aachen.de
Fri Jul 1 13:19:31 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
is it possible to set the dns servers that are pushed to the client
seperatly for each conn entry in ipsec.conf?
I'm setting up a gateway to connect external users via internet and also
users from a neighbouring house via ethernet connection (which is to be
secured by ipsec).
Users from the neighbouring house should get all their traffic routed
through the vpn and use the internal dns (which is the only one they can
reach) for internet access.
External users on the other hand are only able to access the internal
net, but not the internal internet connection. So they should use their
isp's nameserver instead.
While using the internal nameserver works also for external users, it
would be nice, if their dns requests/replies wouldn't use the internal
dns server.
I've only seen the dns1/2 options in strongswan.conf so far, which
define servers for all connections.
Kind regards,
Julian Poschmann
- --
Julian Poschmann
Josefstr. 126
52080 Aachen-Eilendorf
Telefon: +49 170 3295135
E-Mail: julian.poshmannn at rwth-aachen.de
PGP-ID: 0x7D51DD8B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
iEYEARECAAYFAk4NrUIACgkQJmSm8H1R3YsTNQCdGKspjUtn6qVqEhNnLLSgJ5e+
qYAAoIfxD7a9QQ8kFPCc2Vv10vveB1Ig
=ELHg
-----END PGP SIGNATURE-----
More information about the Users
mailing list