On Tue, 2013-07-02 at 11:08 -0700, Jack Bates wrote: > > 1) Does this output cover all the data in the response from the > gateway? Is it possible that the gateway *does* advertise the "bcgov" > domain and OpenConnect just isn't printing it? You've included the actual HTTP headers in the response we get from the server. Yes, it's certainly possible for them to add new stuff in there which we don't interpret and pass to the vpn-script. But no, it's very unlikely that there's something that *isn't* in the HTTP headers you showed. Vaguely possible in theory that there might be something that doesn't get given to us unless we *ask* for it (like DTLS), but seems unlikely for DNS information. > 2) If not and the response from the gateway doesn't anywhere > mention "bcgov", is the gateway misconfigured? Or am I supposed to > send *all* DNS queries to the server advertised by the gateway? I think you are, yes. I think there might be some kind of split-DNS option but I don't remember the details and I don't see it in your output. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20130702/2cebe925/attachment.bin>
