[strongSwan] Client access to DNS service running on same host as strongSwan server
sendmaildevnull at gmail.com
Sat Oct 7 00:27:49 CEST 2017
Anvar, thank you so much! This works perfectly.
On Fri, Oct 6, 2017 at 3:20 PM Anvar Kuchkartaev <anvar at anvartay.com> wrote:
> The best practice is creating dummy virtual interface and assign ip
> address to it and use it as dns server ip address.
> modprobe dummy
> ip link set dummy0 up
> ifconfig dummy0 126.96.36.199/32
> Now you can use it as internal ip address of dns server (you might change
> 188.8.131.52 with other ip address according to your network planning).
> Anvar Kuchkartaev
> anvar at anvartay.com
> *From: *Dan Vee
> *Sent: *sábado, 7 de octubre de 2017 12:01 a.m.
> *To: *users at lists.strongswan.org
> *Subject: *[strongSwan] Client access to DNS service running on same host
> as strongSwan server
> I currently have strongSwan server setup on a VPS host, and I'm also
> running an adblocking DNS server (not exposed to internet) on this same
> host. The server only has one interface and it has a public IP address
> (e.g. 184.108.40.206). I'd like to configure strongSwan to hand out a DNS address
> (for this local DNS server) for any clients that connect. I have two
> * I don't know how to make the DNS service running on the same VPS host
> accessible to the connecting client. My client has a virtual IP (e.g.
> 10.20.30.1) and not sure how I can communicate directly with a service
> running locally on this VPS host.
> * I don't know what IP I should I pass back to the client for this DNS
> address. I have no private IP address on this server. Should I return the
> public IP address for the server?
> Server config
> config setup
> charondebug="cfg 2, dmn 2, ike 2, net 2"
> conn %default
> conn IPSec-IKEv2
> rightid="client at 220.127.116.11"
> Any help would be greatly appreciated. Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users