Project

General

Profile

Actions

Feature #8644

closed

IPsec mobile clients DNS enhancement

Added by Christian R. almost 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Low
Assignee:
-
Category:
IPsec
Target version:
Start date:
07/13/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

linked to #8292

changing DNS from attr plugin to rightdns as of strongswan wiki:

DNS servers
DNS servers and other attributes can be assigned by plugins (e.g. the attr plugin) or since 5.0.1 directly in ipsec.conf by use of the rightdns option. In swanctl.conf each pool in the pools section may define a list of attributes to assign to clients.

Now each client can have an individual assigned DNS.

Actions #2

Updated by Jim Pingle almost 4 years ago

  • Category set to IPsec
  • Target version set to 2.4.4

PR looks OK, but needs testing.

Actions #3

Updated by Jim Pingle almost 4 years ago

  • Assignee deleted (Jim Pingle)
Actions #4

Updated by Anonymous almost 4 years ago

  • Priority changed from Normal to Low
Actions #5

Updated by Anonymous almost 4 years ago

  • Status changed from New to Feedback

PR Merged

Actions #6

Updated by Azamat Khakimyanov over 3 years ago

  • Status changed from Feedback to Resolved

I check this Bug on old 2.4.4.a.20180801.0114: DNS from /VPN/IPsec/Mobile Clients menu was set up into '/var/etc/ipsec/strongswan.conf' as 'plugin attr'.
But on latest 2.4.4.a.20180828.1606 DNS from /VPN/IPsec/Mobile Clients menu now is set up as 'rightdns' option into '/var/etc/ipsec/ipsec.conf'.

With two DNSs (one in /VPN/IPsec/Mobile Clients and one in /VPN/IPsec/Pre-Shared Keys) I see that my PC sends DNS requests
- at first to DNS which was set up into /VPN/IPsec/Pre-Shared Keys
- then if there is no answer, to DNS which was set up into /VPN/IPsec/Mobile Clients

Actions

Also available in: Atom PDF