[strongSwan] DNS config

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Thu May 25 18:01:51 CEST 2017

Hello Alexander,

strongSwan doesn't do DNS resolution for other services. Push a DNS server to the initiator by using rightdns and make sure

the initiator accesses it through the tunnel. Apple Clients don't accept pushed DNS servers unless all traffic is tunneled

or the DNS server is scoped with a domain (needs to be explicitely configured via CPs).

On 23.05.2017 10:04, Alexander wrote:
> Hi everyone:
> I setup a VPS on Amazon EC2, now I can use this VPN to access google, facebook, but It cann't access some other sites, I'm sure it's problem about DNS config, does strongswan use dns resolve domain name at my vps or resolve on my local machine? how to config strongswan to make sure resolve at VPS end?
> thanks

Noel Kuntze
IT security consultant

GPG Key ID: 0x0739AD6C
Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x0739AD6C.asc
Type: application/pgp-keys
Size: 5423 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170525/4a2dc53f/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170525/4a2dc53f/attachment.sig>

More information about the Users mailing list