dns issues on ubuntu 14.04

Mon Apr 13 10:08:29 UTC 2015

thanks again for your help and your configurations
yes, exactly. I'm not able to view the webpage when I enter
http://hostname/ while viceversa (http://ip-address/) yes.

I'm investigating and I stille have not solved the situation.
the clients are physical while the vpn server is virtual

sincerely I do not know
anyone have an idea?

thanks in advance
regards

On Thu, 09 Apr 2015, Henk te Sligte wrote:

> So I think your setup is a bit different, and I'm not sure if openvpn is
> really your problem. You say that if you enter http://hostname/ in your
> browser you get a page not found, but if you enter http://<ip address>/ in
> your browser you get a web page?
> I assume the dig response from either your lubuntu and your ubuntu client
> are the same, so then I'm guessing your web server is the one causing the
> problems. Just in case, I added my openvpn/iptables configuration, but I
> don't think they are really useful in your case.
> VPN server openvpn config: http://cloud.hjts.nl/index.php/s/ebqSTmiYSeH7WUO
> VPN server iptables: http://cloud.hjts.nl/index.php/s/LriJDODgceb2rhY
> Router iptables: http://cloud.hjts.nl/index.php/s/a6dZpzg3GZDjzTj
> 
> Can you try to remove openvpn from this issue? Can you reproduce the
> problem with physical clients in the network?
> 
> On Wed, Apr 8, 2015 at 10:43 AM, Paolo De Michele <paolo at paolodemichele.it>
> wrote:
> 
> >
> > hi Henk te Sligte,
> >
> > thanks for your reply and your help
> > about your questions:
> >
> > - the vpn server is configured so that if the request is a particular
> >   client takes a particular IP address and vice versa; in this case the
> >   vpn server in its configuration has 2 routes:
> >
> >   192.168.40.x and 10.8.0.x
> >
> > - if I not use a particular certificate and key file I've an ip like
> >   this: 10.8.0.x while if I use another one certeficate and key file
> >   I've 192.168.40.x. in my laptop with lubuntu I simulated both
> >   situations and I have no problem. this mean that the vpn server works
> >   correctly
> >
> > - if I try the same configuration in a client by ubuntu I can not be
> >   able to view the webpage (as if the problem were side dns).
> >   all addresses are resolved with the dig command. if I try via hostname
> >   doesn't works, if I try via ip address it works.
> >
> > yes, that's weird.
> > I saw your image and works fine for my scope
> > so, I'm interested in your configuration
> >
> > please let me know, thanks in advance
> > regards
> >
> >
> > On Tue, 07 Apr 2015, Henk te Sligte wrote:
> >
> > > That's weird.. The ip addresses are in different networks.. Which clients
> > > are these? Is one Lubuntu and another one Ubuntu? Which is which?
> > >
> > > From what I understand from you, your network looks like this:
> > > http://tmp.hjts.nl/vpn-ubuntu.png - is that correct?
> > > I'd be happy to share my configuration, I actually first built the whole
> > > network in VirtualBox and then implemented it. It looks like this:
> > > http://tmp.hjts.nl/vpn-virtualbox.png Let me know if you are interested.
> > >
> > > On Tue, Apr 7, 2015 at 4:56 PM, Paolo De Michele <
> > paolo at paolodemichele.it>
> > > wrote:
> > >
> > > >
> > > > lubuntu use lxde and network manager
> > > > 2 clients with ubuntu use unity as DE
> > > >
> > > > about your questions:
> > > >
> > > > - all clients does the openvpn connection via cli (command line)
> > > > - the connection from client to server works properly
> > > >
> > > > when I do the ifconfig on all clients, I have:
> > > >
> > > > loopback and eth0 egual (change only the ip address)
> > > > tun0 is a bit different (also here change the ip address)
> > > >
> > > > tun0      Link encap:UNSPEC
> > > > HWaddr00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
> > > >           inet addr:192.168.40.130  P-t-P:192.168.40.129
> > > > Mask:255.255.255.255
> > > >           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1378 Metric:1
> > > >           RX packets:157 errors:0 dropped:0  overruns:0 frame:0
> > > >           TX packets:188 errors:0 dropped:0 overruns:0 carrier:0
> > > >           collisions:0 txqueuelen:100
> > > >           RX bytes:72840 (72.8 KB) TX bytes:41759 (41.7 KB)
> > > >
> > > > tun0      Link encap:UNSPEC
> > > > HWaddr00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
> > > >           inet addr:10.8.0.14  P-t-P:10.8.0.13 Mask:255.255.255.255
> > > >           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1378 Metric:1
> > > >           RX packets:225 errors:0 dropped:0 overruns:0 frame:0
> > > >           TX packets:257 errors:0 dropped:0 overruns:0 carrier:0
> > > >           collisions:0 txqueuelen:100
> > > >           RX bytes:92662 (92.6 KB) TX bytes:49045 (49.0 KB)
> > > >
> > > > On my client (it works) I tried both ip addresses and it works properly
> > > >
> > > >
> > > > On Tue, 07 Apr 2015, Henk te Sligte wrote:
> > > >
> > > > > So the difference is only lubuntu or ubuntu? I'm not sure if lubuntu
> > has
> > > > > Network Manager, how do you connect with the clients? Do you use
> > Network
> > > > > Manager or the console application? Do you see the clients making the
> > > > > openvpn connection on the server? Just to make sure, can you do
> > ifconfig
> > > > on
> > > > > all clients?
> > > > >
> > > > >
> > > > > On Tue, Apr 7, 2015 at 3:50 PM, Paolo De Michele <
> > > > paolo at paolodemichele.it>
> > > > > wrote:
> > > > >
> > > > > >
> > > > > > thanks for your reply
> > > > > > I do not think it is a server problem because a client is working
> > > > properly
> > > > > > if you see the previous email dig works fine but when I request
> > that
> > > > web
> > > > > > page from a browser can not display the page
> > > > > >
> > > > > > I have this problem only with two clients that use ubuntu.
> > > > > > the client with lubuntu works properly.
> > > > > >
> > > > > > can I verify anything else?
> > > > > > thanks in advance
> > > > > >
> > > > > > regards
> > > > > >
> > > > > > On Tue, 07 Apr 2015, Henk te Sligte wrote:
> > > > > >
> > > > > > > Just yesterday I configured a debian openvpn server and ubuntu
> > > > clients.
> > > > > > On
> > > > > > > the server, you need to have IP forwarding enabled, and iptables
> > > > should
> > > > > > > forward all traffic.
> > > > > > >
> > > > > > > First, enable IP forwarding:
> > > > > > > sudo sysctl -w net.ipv4.ip_forward=1
> > > > > > > sudo /etc/init.d/procps restart
> > > > > > >
> > > > > > > Then, let iptables forward all traffic:
> > > > > > > iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
> > > > > > > iptables -A FORWARD -i tun0 -o tun0 -j ACCEPT # vpn to vpn
> > > > > > > iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT # vpn to ethernet
> > > > > > > iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT # ethernet to vpn
> > > > > > >
> > > > > > > Note that this doesn't filter any traffic, it just makes sure
> > that
> > > > you
> > > > > > can
> > > > > > > communicate with the ethernet. If you want to block certain
> > traffic
> > > > and
> > > > > > > allow other traffic, I suggest to read some more about iptables.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > On Tue, Apr 7, 2015 at 11:14 AM, Paolo De Michele <
> > > > > > paolo at paolodemichele.it>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > anyone can help me?
> > > > > > > > thanks in advance
> > > > > > > >
> > > > > > > > regards
> > > > > > > >
> > > > > > > > On 3 April 2015 at 12:25, Paolo De Michele <
> > > > paolo at paolodemichele.it>
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > >> hi there,
> > > > > > > >>
> > > > > > > >> this is my scenario:
> > > > > > > >>
> > > > > > > >> - 1 server (I installed openvpn and bind via docker in 2
> > different
> > > > > > > >> instances)
> > > > > > > >> - 3 clients (first one with lubuntu 14.04 x64 and the last two
> > > > clients
> > > > > > > >> with ubuntu 14.04 x64)
> > > > > > > >>
> > > > > > > >> the vpn server works correctly
> > > > > > > >> if I connect to the server with vpn client installed lubuntu I
> > > > have no
> > > > > > > >> problem.
> > > > > > > >> if I try ubuntu by clients, same problems.
> > > > > > > >>
> > > > > > > >> let me explain:
> > > > > > > >>
> > > > > > > >> the connection to the vpn server works correctly
> > > > > > > >> I have an additional interface called tun0 with a regular ip
> > > > address
> > > > > > > >> I have also the new dns servers: the first one private (my dns
> > > > server)
> > > > > > > >> and the other two (publics)
> > > > > > > >>
> > > > > > > >> if I try to solve an hostname by dig command, works perfectly
> > > > > > > >> if I try to view the same hostname via browser I cannot be
> > able to
> > > > > > > >> visualize the webpage
> > > > > > > >> If I try the ip address, works perfectly
> > > > > > > >>
> > > > > > > >> can I do other tests?
> > > > > > > >> anyone can help me please?
> > > > > > > >>
> > > > > > > >> thanks in advance
> > > > > > > >> regards
> > > > > > > >>
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > ubuntu-users mailing list
> > > > > > > > ubuntu-users at lists.ubuntu.com
> > > > > > > > Modify settings or unsubscribe at:
> > > > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> > > > > > > >
> > > > > > > >
> > > > > >
> > > > > > > --
> > > > > > > ubuntu-users mailing list
> > > > > > > ubuntu-users at lists.ubuntu.com
> > > > > > > Modify settings or unsubscribe at:
> > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> > > > > >
> > > > > > --
> > > > > > ubuntu-users mailing list
> > > > > > ubuntu-users at lists.ubuntu.com
> > > > > > Modify settings or unsubscribe at:
> > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> > > > > >
> > > >
> > > > > --
> > > > > ubuntu-users mailing list
> > > > > ubuntu-users at lists.ubuntu.com
> > > > > Modify settings or unsubscribe at:
> > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> > > >
> > > >
> > > > --
> > > > Paolo De Michele
> > > > Finger Print: 038F 13HS 9339
> > > >
> > > > --
> > > > ubuntu-users mailing list
> > > > ubuntu-users at lists.ubuntu.com
> > > > Modify settings or unsubscribe at:
> > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> > > >
> >
> > > --
> > > ubuntu-users mailing list
> > > ubuntu-users at lists.ubuntu.com
> > > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> >
> >
> > --
> > Paolo De Michele
> > Finger Print: 038F 13HS 9339
> >
> > --
> > ubuntu-users mailing list
> > ubuntu-users at lists.ubuntu.com
> > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> >

> -- 
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users