On 10/27/2016 12:03 PM, Robert Mittendorf wrote:
> Just saw the Qubes VPN project right now.
>
> Quick-reading the tutorial I have to questions:
>
> 1) why does the VPN-VM need to be allowed to do DNS,
The VPN VM does not need to be allowed to do DNS. You can set an IP in
its configuration and then no DNS is needed.
I will expand the instructions to indicate that.
> if DNS requests are routed through the VPN. Is it just in case the VPN
> server it wants to connect to is defined by hostname instead of IP?
No. The DNS requests of the chained AppVMs are routed to the DNS
servers declared by the VPN server. The DNS requests of the VPN VM
itself are routed to the DNS servers of the NetVM that is upstream of
the VPN VM.
> 2) why is the recommendation to allow all hosts for the VPN server
> (and not only the VPN servers IP)?
No reason. I will clarify that there's no need to do that.
>
> thank you
>
Thank you for helping me clarify the documentation.
--
Rudd-O
http://rudd-o.com/
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/1324039e-5a32-e200-b60b-533a9ad56ceb%40rudd-o.com.
For more options, visit https://groups.google.com/d/optout.
