Description:
Some customers would like to apply customized DNS settings (Primary and Secondary DNS Servers), setting this up only for a particular user or group.
Resolution:
- Disable full tunnel routing on the Access Server, which stops Access Server from pushing the global DNS server so you can configure multiple DNS servers:
sudo su cd /usr/local/openvpn_as/scripts ./sacli --key "vpn.client.routing.reroute_gw" --value "false" ConfigPut
- Disable Global DNS:
./sacli --key "vpn.client.routing.reroute_dns" --value "false" ConfigPut
In the case of individual user:./sacli --user <USER_NAME> --key "type" --value "user_compile" UserPropPut
In the case of Group:
./sacli --user <USER_NAME> --key "access_to.0" --value "+NAT:0.0.0.0/1" UserPropPut
./sacli --user <USER_NAME> --key "access_to.1" --value "+NAT:128.0.0.0/1" UserPropPut./sacli --user <GROUP_NAME> --key "access_to.0" --value "+SUBNET:0.0.0.0/1" UserPropPut
./sacli --user <GROUP_NAME> --key "access_to.1" --value "+SUBNET:128.0.0.0/1" UserPropPut - Define the DNS Servers per User/Group. In the example below, w assign different DNS Servers (8.8.8.8 and 8.8.4.4) for the "test" user:
echo 'push "dhcp-option DNS 8.8.4.4"' > file.txt
echo 'push "dhcp-option DNS 8.8.8.8"' >> file.txt
./sacli --user test -k prop_cc_cmds --value_file=./file.txt UserPropPut - Save the changes:
./sacli start
You've assigned DNS servers per User/Group successfully.
If you have additional questions please submit a ticket.
Comments
0 comments
Please sign in to leave a comment.