Project

General

Profile

Feature #8644

IPsec mobile clients DNS enhancement

Added by Christian R. 12 months ago. Updated 10 months ago.

Status:
Resolved
Priority:
Low
Assignee:
-
Category:
IPsec
Target version:
Start date:
07/13/2018
Due date:
% Done:

100%

Estimated time:

Description

linked to #8292

changing DNS from attr plugin to rightdns as of strongswan wiki:

DNS servers
DNS servers and other attributes can be assigned by plugins (e.g. the attr plugin) or since 5.0.1 directly in ipsec.conf by use of the rightdns option. In swanctl.conf each pool in the pools section may define a list of attributes to assign to clients.

Now each client can have an individual assigned DNS.

History

#2 Updated by Jim Pingle 12 months ago

  • Category set to IPsec
  • Target version set to 2.4.4

PR looks OK, but needs testing.

#3 Updated by Jim Pingle 11 months ago

  • Assignee deleted (Jim Pingle)

#4 Updated by Steve Beaver 11 months ago

  • Priority changed from Normal to Low

#5 Updated by Steve Beaver 10 months ago

  • Status changed from New to Feedback

PR Merged

#6 Updated by Azamat Khakimyanov 10 months ago

  • Status changed from Feedback to Resolved

I check this Bug on old 2.4.4.a.20180801.0114: DNS from /VPN/IPsec/Mobile Clients menu was set up into '/var/etc/ipsec/strongswan.conf' as 'plugin attr'.
But on latest 2.4.4.a.20180828.1606 DNS from /VPN/IPsec/Mobile Clients menu now is set up as 'rightdns' option into '/var/etc/ipsec/ipsec.conf'.

With two DNSs (one in /VPN/IPsec/Mobile Clients and one in /VPN/IPsec/Pre-Shared Keys) I see that my PC sends DNS requests
- at first to DNS which was set up into /VPN/IPsec/Pre-Shared Keys
- then if there is no answer, to DNS which was set up into /VPN/IPsec/Mobile Clients

Also available in: Atom PDF