At this point I have dynamic DNS working well with a freedombox.rocks sub-domain, and I don't want to mess it up.

Internally, I've been using /etc/hosts but that's getting cumbersome, so I've been thinking of using the BIND app of the FreedomBox. Installed it but I can't start it. I'm also not sure what to put in the "Forwarders" field. Right now DNS requests are being forwarded to the FreedomBox and beyond by what I've put into /etc/network/interfaces on the internal machines.

Also installed OpenVPN, but I can't seem to configure the client on a test laptop running Debian stable. I did download the profile and installed openvpn, openvpn-auth-ldap, gadmin-openvpn-client, network-manager-openvpn, network-manager-openvpn-gnome.

After some attempt at configuration with gadmin-openvpn-client, which failed claiming that some server certificates had to be entered first, it also messed up something in the networking of that laptop, which had a fresh install without any /etc/hosts file or any change to /etc/network/interfaces. All networking was done automatically with network-manager and it worked great. In fact it probably found some dns server in the cable modem and I was able to connect by name to other internal machines. That stopped as soon as I started testing openvpn. Even after I stopped OpenVPN on the FreedomBox, the new behavior on the new laptop continues.

I did import the <user>.ovpn config file generated by the FreedomBox OpenVPN app into gadmin-openvpn-client. Incidentally, the <user>.ovpn profile file was generated with the local name:

remote <local name of the FreedomBox>.local 1194

which I changed to

remote <sub-domain>.freedombox.rocks 1194

The latter can be pinged and accessed internally as well as from outside. It used to be that this ping returned a ping from the FreedomBox. Since I installed OpenVPN, now disabled, the pings return from a comcast.net address. WTF ???

$ ping <sub-domain>.freedombox.rocks
PING <sub-domain>.freedombox.rocks (73.160.195.4) 56(84) bytes of data.
64 bytes from c-73-160-195-4.hsd1.nj.comcast.net (73.160.195.4): icmp_seq=1 ttl=63 time=1.07 ms
64 bytes from c-73-160-195-4.hsd1.nj.comcast.net (73.160.195.4): icmp_seq=2 ttl=63 time=0.956 ms

If I were to get OpenVPN working from an external laptop, how would my internal machines (with their 192.168.x.x IPs) be found from the external laptop connecting through VPN? Would that require BIND running on the FreedomBox?

Assuming that FreedomBox BIND is not incompatible with dynamic DNS, I would also like to give it some hint as to what IPs to assign to the different internal machines, kind of like an /etc/hosts file on the freedombox. How can that be done? That would give me the equivalent of static IP addresses that would have to be maintained in one place only.

Installing OpenVPN has really messed things up. How can I fix this the way it was, or get OpenVPN to work? I'm especially concerned that packets that should remain local to the FreedomBox are now being returned by comcast, probably the modem, but why? Since I don't have much control over the modem (it is now more locked up than before, probably due to some upgrade they did without my knowledge) I'd like internal packets to remain internal.

What are those server certificates that gadmin-openvpn-client requires? I would have thought that importing the <user>.ovpn file would be sufficient.

Please help!

Augustine
