Post Reply
Heera
Posts: 11
Joined: Thu Jan 31, 2019 11:37 am

OpenVPN and Hostnames!!

Sun Feb 10, 2019 6:34 am

I use my Pi for: OpenVPN and Pi-Hole along with file storage/sharing. I have it setup and working on my phone as well as my work computer to remote into my home machine. I had it setup to where I would type in my no-ip DDNS hostname and it would connect.. Recently I was told that I shouldn't have port 3398 (and 5900) open to the web via my router due to security reasons (port scanning..etc) My router was configured to allow these ports to my desktop and my Pi. After closing these ports, I am still able to remote into my machines, but only via IP Address. It will not connect/find my computer via Hostname. I can ping locally both machines hostname/DDNS address (while connected to the VPN)

Can someone help me with this? Am I able to connect via hostname? I would before, just RDP into my home computer which then I'd VNC into my Pi..

TL:D - I have OpenVPN setup, disabled port 3398/5900 and can no longer connect to the computers via hostname/DDNS address. VPN still works and I can connect via IP but not hostname.
Last edited by Heera on Sun Feb 10, 2019 6:50 pm, edited 1 time in total.
epoch1970
Posts: 5203
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: OpenVPN and Hostnames!!

Sun Feb 10, 2019 10:26 am

Your VPN client changes the machine’s name resolution setup once it connects.
This is done by default following 2 assumptions:
- you’re supposed to have private resources in your private network, and a name service pointing to them,
- you don’t want your DNS queries to “leak” outside the VPN.
If you’re a bank, these assumptions are valid, but otherwise...

Before you added the VPN, name resolution was working. Assuming you’re using DNS for name resolution (not mDNS or netbios) you can go three ways:
- add and setup a DNS server within the VPN network so that it resolves names for clients in that network, or
- change the VPN client setup so that it keeps using the existing DNS server(s), or
- fudge the hosts file that is used in the client machine with static IP/name pairs. Traditionally the resolver logic on a machine will lookup the hosts file first and will ask DNS servers second if the answer was not found. Adding entries in hosts is a quick and dirty fix: you will forget you’ve done it and one day be left wondering why some parts of the Internet don’t work right on that machine.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel
Post Reply

Return to “Beginners”