[NTLUG:Discuss] Mint13 VPN Weirdness
Ralph Green
sirable at gmail.com
Wed Sep 26 01:20:00 CDT 2012
On 9/23/12, Stephen Davidson <gorky at freenet.carleton.ca> wrote:
> When I VPN into a site, ping can not resolve any of the system names,
> but dig returns the correct IP addresses.
>
Howdy Stephen,
I would say more diagnostics are called for. I happen to be having
a similar problem with a firewall/VPN server I just setup. I narrowed
my problem down and I am looking for the right way to fix it. But,
back to your issue.
You can do a dig, but not a ping, Dig just connects to your dns
servers and returns information about the site you specify. Is your
DNS server on the other side of the VPN? ping tries to send a certain
type of packet to a server(and reports replies), which is presumably
on the VPN. In my case, I found that my connection to the VPN server
was fine. By pinging the ip address on the VPN server side of my
tunnel, I could see that traffic was getting there just fine. The
VPN server is not routing packets across to the LAN however,. I would
suggest you try pinging the other end of your tunnel, and try
traceroute to see how far into the other side you get. It might be
something like the routing table on your end of the VPN. Use "route
-n" to look at that.
ping and traceroute may not work for you. Sometimes the firewall is
configured to ignore those kind of packets coming in. This is done to
lessen the load on the network and to make the network less vulnerable
to some denial of service attacks. If your network's router is
configured this way, maybe you can get the admin to turn it back on
for a while to help you diagnose.
Good luck,
Ralph
More information about the Discuss
mailing list