Openvpn
如何配置 OpenVPN 客戶端的 DNS?
我有一個使用以下配置文件執行的 OpenVPN 伺服器
port 1194 proto tcp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem topology subnet server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" keepalive 10 120 tls-crypt myvpn.tlsauth cipher AES-256-CBC compress lz4-v2 push "compress lz4-v2" user nobody group nobody persist-key persist-tun status openvpn-status.log log /var/log/openvpn.log verb 3 remote-cert-eku "TLS Web Client Authentication"我連接了不同的客戶端,在 Debian 機器上我使用了以下配置文件
client tls-client ca ca.crt cert pibox.crt key pibox.key tls-crypt myvpn.tlsauth proto tcp remote X.X.X.X 1194 tcp dev tun topology subnet cipher AES-256-CBC log /var/log/openvpn.log pull script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf一切正常,我可以訪問我的 VPN,也可以訪問網際網路,我正在嘗試設置一個 CentOS 7 客戶端,我使用相同的配置文件但因為
script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf無法使用,我不確定如何配置DNS,我研究過有人提到
openresolv,我也嘗試過pull-filter ignore "dhcp-option DNS"但沒有任何效果,我也讀過這個,但我沒有
/usr/share/openvpn/update-resolv-conf /usr/share/openvpn/update-resolv-conf在 CentOS 客戶端上配置 DNS 的正確程序是什麼?
我設法修復它,我所做的是
cd /etc/yum.repos.d sudo wget https://copr.fedorainfracloud.org/coprs/macieks/openresolv/repo/epel-7/macieks-openresolv-epel-7.repo sudo yum update sudo yum install openresolv它會創建
/etc/resolv.conf然後我修改它以設置我的自定義 DNS
# Generated by NetworkManager search Home nameserver 8.8.8.8 nameserver 8.8.4.4客戶
client tls-client ca ca.crt cert i7box.crt key i7box.key tls-crypt myvpn.tlsauth proto tcp remote x.x.x.x 1194 tcp dev tun topology subnet cipher AES-256-CBC log /var/log/openvpn.log pull我也禁用了自動 DNS 並放置了靜態 DNS,如果您知道更好的方法,請告訴我