On Mon, 2012-03-05 at 19:13 +0100, Andreas Profous wrote: > >2012/3/5 David Woodhouse <dwmw2 at infradead.org>: > > > > Your VPN server should tell you a new DNS server to use, which *will* be > > able to resolve VPN addresses. You're using the --script argument, > > right? What nameserver addresses are listed in /etc/resolv.conf ? > > I'm using the --script argument indeed, with the script file provided > in the git repository. > $ cat /etc/resolv.conf > [...] > nameserver 192.168.2.2 > > That's the DNS server of our local network, *not* of the VPN. > Apparently the VPN server somehow fails to tell me a new DNS server? > > My co-workers are able to connect to the VPN using Cisco Anyconnect on > Mac OS X. > - Is there a possibility to query the DNS server IP address from their > machine once they're connected? Not sure offhand; perhaps it'll be in /etc/resolv.conf. Or maybe you can work it out from the output of the 'host' command. Or sniffing the traffic on the VPN interface to see where the DNS traffic goes. > - If yes, how do I specify that openconnect ought to use that DNS > server IP address? Can add '-v' to the openconnect command line, then send me its output from when you connect? Yes, all you have to do to use the VPN's nameserver is to put it into /etc/resolv.conf. But that should be happening *automatically* if the VPN server is correctly telling you about where it is, and if the vpnc-script is doing its job. One possibility is that the address of the VPN's nameserver and your own local one are the *same*, because you're re-using the same range of private address space. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5818 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120305/3a634df9/attachment-0001.bin>
