MikroTik

I am trying to configure a couple of PPTP dial on demand tunnels on my RB2011 at home.

Both tunnels come up via my mangle rule and they disconnect with my idle timeout which is nice.

My issue...how do I handle DNS resolution?

I would like to leave my DNS server set to my home 'Tik and be able to resolve "local" hosts for the VPN connected sites. I know I could change the DNS on my PC to make it work, but that defeats the PPTP client (I might as well dial the VPN connection from my laptop if I'm going to manually change DNS server IP address).

I thought I had the solution, add static NS records records for those domains pointed to the internal DNS server IP addresses, but can't add NS records.

What about scripting it? Is there a way I could script the 'Tik to change it's DNS servers (IP > DNS) when a tunnel is established and change it back when the tunnel is disconnected? I guess that might also prevent the idle timeout from taking effect.

Any ideas?

I am trying to configure a couple of PPTP dial on demand tunnels on my RB2011 at home.

Both tunnels come up via my mangle rule and they disconnect with my idle timeout which is nice.

My issue...how do I handle DNS resolution?

I would like to leave my DNS server set to my home 'Tik and be able to resolve "local" hosts for the VPN connected sites. I know I could change the DNS on my PC to make it work, but that defeats the PPTP client (I might as well dial the VPN connection from my laptop if I'm going to manually change DNS server IP address).

I thought I had the solution, add static NS records records for those domains pointed to the internal DNS server IP addresses, but can't add NS records.

What about scripting it? Is there a way I could script the 'Tik to change it's DNS servers (IP > DNS) when a tunnel is established and change it back when the tunnel is disconnected? I guess that might also prevent the idle timeout from taking effect.

Any ideas?

Oops - this was for PPPOE - sorry, needed to have a coffee before posting !!!

I will give that a try when I get home, don't know how I missed that option...

I'll update the post either way. Thanks for the idea!

I will give that a try when I get home, don't know how I missed that option...

I'll update the post either way. Thanks for the idea!

My bad - that was for pppoe .

For PPTP your remote server should be pushing the DNS to you. In Mikrotik PPTP server this is specified in the PPTP Profile. profile is determined by PPTP Server and/or Secret. The profile in secrets has priority

If that does not do the trick a script could check the pptp client is running then add a dns for you - that way it wont be pinging an address and bringing up the tunnel ?

Well that makes sense why I missed it

Where would I see the information that is passed to my PPTP client from the server? I can see the IP address my looking at the interface, but where can I see if DNS is being advertised by the PPTP server?

If you look under IP DNS any Dynamically assigned DNS's should be listed there

I'm guessing that probably relies on the dhcp client to have use peer DNS checked?


EDIT:
Yeah, I don't know what my options are...I'm starting to think I might have to script it. One of the tunnels is connected to another RB2011, and I checked the PPTP server and it is handing me DNS server address, but it's not working for me. I even tried doing a "DNS redirect" using layer 7, but I can't get that to work correctly either. It was redirecting all DNS not just the domain I included in layer 7 config.

Any ideas on what to "trigger" the script with?

When you say hosts at the other end do you mean windows hosts ? If so you may need to specify a wins server too and use FQDN's ?

They are mainly windows hosts I am trying to resolve, but one of the networks is a small office and all PCs are part of a workgroup. Mikrotik is handling DNS for that office. I would like to be able to resolve computers by name on that network from my laptop connected over the PPTP tunnel.

I'm starting to think it's more work than it's worth.

I tried the scripting route this evening but will have to modify something, I think it's NAT related. I don't think the DNS traffic from the mikrotik at my house is going over the tunnel.

Windows Host name resolution is generally done via a WINS server or LMHOSTS file on the PC. DNS only works for FGDN's such as host.domain.com

To resolve \\servename definitley requires WINS/LMHOSTS file.Alternatively you would need to setup static host entries like servername.sitename in Mikrotik DNS ?

Here is an interesting approach - https://www.dalemacartney.com/2012/12/2 ... -routeros/