 From:  Falcor <falcor at netassassin dot com>
 To:  Brian Morton <rokclimb15 at gmail dot com>
 Cc:  Lee Sharp <leesharp at hal dash pc dot org>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Register DHCP leases in DNS forwarder not working over PPTP
 Date:  Mon, 12 Feb 2007 21:59:18 -0800
If there is no reason for you to send your ISP's DNS server info to the 
clients I would remove it.  It is safer to run your own DNS cache as it 
is, and it removes issues like this.  m0n0wall will use the DNS servers 
supplied by the DHCP info from your ISP or as provided by PPTP, etc.  
Make sure the option to override the DNS settings with the dynamic info 
from the WAN is unchecked.

Brian Morton wrote:

> You are correct about my setup.  It is as you described it with the 
> DNS forwarder.  However, it seems that nslookup on Windows XP gives 
> up when it tries to find the hostname on the first DNS server (primary 
> local DNS, provided by my ISP, Speakeasy).  It doesn't subsequently 
> try my secondary local or primary PPTP (m0n0wall).  If I manually specify
> nslookup <remote NetBIOS hostname to try>
> where is my m0n0wall address, it succeeds.  However, the 
> XP networking stack doesn't seem to have the sense to do this on its own.
> Falcor wrote:
>> What are you using for the DHCP server for the PPTP network?  If you 
>> are using the m0n0wall for this:  The DNS servers entered in System: 
>> General setup <https://m0n0wall/system.php> (or the DNS forwarder 
>> <https://m0n0wall/services_dnsmasq.php>, if enabled) will be assigned 
>> to clients by the DHCP server.  The PPTP "Server address" will also 
>> be added as a DNS server... thus the DNS lookup will still hit the 
>> m0n0wall.  Unless of course you are redirecting the PPTP connections 
>> to another PPTP server.
>> Brian Morton wrote:
>>> I have figured out the issue, now I just need to figure out how to 
>>> fix it.
>>> By default, m0n0wall only includes a rule to allow TCP traffic from 
>>> the PPTP clients.  Since DNS is a UDP protocol, all DNS lookups from 
>>> PPTP clients were being blocked.  I added a rule to allow all UDP 
>>> traffic over the PPTP interface, and this resolved the issue of being 
>>> able to resolve names.
>>> Unfortunately, it appears Windows XP tries the local DNS servers for my 
>>> network interface before trying the one on my PPTP interface.  This 
>>> means that when I try to resolve a hostname on the m0n0wall network, it 
>>> first attempts my primary local DNS server, which is a public DNS server 
>>> for my ISP.  This lookup fails, and it assumes that the host does not 
>>> exist.  Is there any way to make the DNS server served by the PPTP 
>>> server take priority over my local DNS?
>>> On 2/12/07, Lee Sharp <leesharp at hal dash pc dot org> wrote:
>>>> On Mon, 12 Feb 2007 14:44:36 -0500
>>>>   Brian Morton <rokclimb15 at gmail dot com> wrote:
>>>> > I am running 1.23b3 pc-generic on a PII 300 with 128MB RAM.  This is
>>>> >my first set up at this location, so I can't say if this feature
>>>> >worked prior to this version.  I have the option set to "register
>>>> >dhcp leases in DNS forwarder".  In my prior experience with m0n0wall,
>>>> >this should cause a Windows computer name to resolve to the internal
>>>> >ip address (for instance, a computer named "brian" should resolve to
>>>> >an internal address when "brian" is pinged).  This does not seem to
>>>> >be the case when I connect via PPTP.
>>>> Do an "ipconfig" on the machine you are tunneling in on.  I bet your
>>>> DNS is NOT the remote m0n0wall.  And it will need to be to find those
>>>> names.
>>>>                            Lee