Hi,
My company uses two search domains. DNS lookups for hosts under either
of these domains should be routed to through the VPN connection to my
company's DNS servers. Unfortunately, when I connect via vpnc from my
Apple laptop, only hosts under one of the search domains are resolving
from all applications. Hosts from both domains are resolving via dig,
nslookup, and host; but they don't resolve when I try to ping them, or
from some other tools.
It's not that I need the search domain added so that I can just type
the short name, I don't mind typing out the FQDN for these hosts if
need be, but even the FQDN isn't resolving because of the way OS X
routes requests using scutil. It would be awesome if there were a way
to pass in extra search domains from the config file to be resolved
through the vpn connection. Based on a quick examination of
vpnc-script, it looks like they could be added to
SupplementalMatchDomains here:
308 scutil >/dev/null 2>&1 <<-EOF
309 open
310 get
State:/Network/Service/$TUNDEV/DNS
311 d.add
DomainName $CISCO_DEF_DOMAIN_ORIG
312 d.add
SearchDomains * $CISCO_DEF_DOMAIN_ORIG
313 d.add
SupplementalMatchDomains * $CISCO_DEF_DOMAIN_ORIG
314 set
State:/Network/Service/$TUNDEV/DNS
315 close
316 EOF
Alternatively, if there were a way to specify an additional script to
be run after vpnc-script I could do it there as well. Is there a
simple way to do this that I'm missing?
-Steven Willis
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/
My company uses two search domains. DNS lookups for hosts under either
of these domains should be routed to through the VPN connection to my
company's DNS servers. Unfortunately, when I connect via vpnc from my
Apple laptop, only hosts under one of the search domains are resolving
from all applications. Hosts from both domains are resolving via dig,
nslookup, and host; but they don't resolve when I try to ping them, or
from some other tools.
It's not that I need the search domain added so that I can just type
the short name, I don't mind typing out the FQDN for these hosts if
need be, but even the FQDN isn't resolving because of the way OS X
routes requests using scutil. It would be awesome if there were a way
to pass in extra search domains from the config file to be resolved
through the vpn connection. Based on a quick examination of
vpnc-script, it looks like they could be added to
SupplementalMatchDomains here:
308 scutil >/dev/null 2>&1 <<-EOF
309 open
310 get
State:/Network/Service/$TUNDEV/DNS
311 d.add
DomainName $CISCO_DEF_DOMAIN_ORIG
312 d.add
SearchDomains * $CISCO_DEF_DOMAIN_ORIG
313 d.add
SupplementalMatchDomains * $CISCO_DEF_DOMAIN_ORIG
314 set
State:/Network/Service/$TUNDEV/DNS
315 close
316 EOF
Alternatively, if there were a way to specify an additional script to
be run after vpnc-script I could do it there as well. Is there a
simple way to do this that I'm missing?
-Steven Willis
_______________________________________________
vpnc-devel mailing list
vpnc-devel@unix-ag.uni-kl.de
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/