
Site-to-Site OpenVPN Routing/DNS

This topic is closed.

  • Site-to-Site OpenVPN Routing/DNS

    Hi all,

    I am trying to set up 2 Untangle boxes between a couple of sites. One at the main office and one at a remote office. Both offices have DSL with static IPs.
    I want to have a persistent OpenVPN connection between the remote site and the main office. All traffic should go through the VPN to make sure that the web filter on the main office Untangle box can keep track of the web traffic.
    I have the Untangle box at the main office set up as a VPN server with alternate DNS set to my main office Active Directory server DNS. I have set up the address pool with the default subnet and set to export DNS.
    This is pretty much where I'm stuck... From the remote site I can ping all of the hosts on the main office subnet by IP but not hostname. I haven't yet tested if the VPN will route all traffic through it, but I'm sure that will be an issue too.
    So I guess I have 2 questions...
    How can I set up the remote site Untangle box to use the main office AD DNS?
    How can I get all traffic destined for anywhere to go through the main office Untangle box?

    Any help that you can provide would be great.


  • #2
    Hi cursor.
    The DNS needs to be included on the exported host, otherwise it won't be seen by the remote clients.
    To check if DNS is exported to the remote site, you can do nslookup on one computer and it will show you the current DNS in use.
    Also try pinging their fully qualified domain name (FQDN). This should work.

    Only traffic destined to the other site will be routed through the VPN.


    • #3
      My exported hosts is set to, which is my entire network, including the DNS server. I have tried adding the DNS server as an exported host, but Untangle tells me that hosts cannot overlap, which makes sense.
      I exported the DNS to the remote site, but I can't get any FQDN on my main office site to resolve.

      I'm assuming that maybe I can set up each client machine at the remote site to use the main office Untangle internal IP as a proxy on port 3128? This might work instead of trying to route all traffic through the VPN.


      • #4
        What state is the firewall module in? Pass or Block as default action? Does it have any block rules? I ran into this problem when I initially created my OpenVPN server. Although I exported DNS and internal network, I wasn't able to access them until I allowed the traffic in the firewall module.
        Vote here to have wireless included in Untangle.
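
The two questions in this thread (does DNS reach the main office over the VPN, and does Internet traffic go through it so the web filter sees it) can be answered from the remote gateway's routing table with a longest-prefix match. This is an added example, not code from any poster or from Untangle; the interface names, all addresses and the function names are assumptions, and the second sample generalizes to the `0.0.0.0/1` + `128.0.0.0/1` routes that OpenVPN's `redirect-gateway def1` installs.

```python
import ipaddress

# Constructed `ip route` output for a remote-site gateway (all addresses are assumptions).
SPLIT_TUNNEL = """\
default via 203.0.113.1 dev eth0
203.0.113.0/24 dev eth0 proto kernel scope link src 203.0.113.20
10.0.2.0/24 dev eth1 proto kernel scope link src 10.0.2.1
192.168.1.0/24 via 172.16.0.1 dev tun0
172.16.0.0/24 dev tun0 proto kernel scope link src 172.16.0.6
"""
# Same table plus the routes a full-tunnel (redirect-gateway def1) client carries.
FULL_TUNNEL = SPLIT_TUNNEL + """\
198.51.100.2 via 203.0.113.1 dev eth0
0.0.0.0/1 via 172.16.0.1 dev tun0
128.0.0.0/1 via 172.16.0.1 dev tun0
"""

def parse_routes(text):
    """Return [(network, device)] from `ip route` style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(prefix, strict=False)
        except ValueError:
            continue  # skip route types such as "unreachable" or "blackhole"
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes

def egress_interface(routes, dest):
    """Longest-prefix match: the device the kernel would pick for dest."""
    addr = ipaddress.ip_address(dest)
    matches = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None

def audit(route_text, dns_server, internet_probe, vpn_dev="tun0"):
    """Report whether the DNS server and a public address leave via the VPN."""
    routes = parse_routes(route_text)
    return {
        "dns_via_vpn": egress_interface(routes, dns_server) == vpn_dev,
        "internet_via_vpn": egress_interface(routes, internet_probe) == vpn_dev,
    }

if __name__ == "__main__":
    print("split:", audit(SPLIT_TUNNEL, "192.168.1.10", "198.51.100.7"))
    print("full: ", audit(FULL_TUNNEL, "192.168.1.10", "198.51.100.7"))
```

When `internet_via_vpn` is false, web traffic from the remote site leaves through the local DSL line and never passes the main office web filter, even though the default route line alone does not reveal this in the full-tunnel case.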