OpenVPN: Problem handling a DNS Push request

chazz_tsc
Level 1
Posts: 39
Joined: Sun Mar 18, 2012 7:55 pm

OpenVPN: Problem handling a DNS Push request

Post by chazz_tsc »

While I started this a while back, the problem I had then is not the problem I have now, so I thought I'd open a new query for the new problem.

Here's the issue, as shown in the log files for the Mint 19 client set to verbosity level 4:

Code:

Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
[server] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
PUSH: Received control message: 'PUSH_REPLY,register-dns,route 10.2.0.0 255.255.252.0,route 172.16.228.0 255.255.255.0,topology net30,ping 10,ping-restart 60,redirect-gateway def1,dhcp-option DNS 10.2.1.196,dhcp-option DOMAIN something.local,ifconfig 172.16.228.6 172.16.228.5,peer-id 1,cipher AES-256-GCM'
Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:1: register-dns (2.4.4)

So, details. I'm trying to connect using OpenVPN so that my Mint 19 system will appear inside the remote network, and will use the remote network's Windows DC for DNS. The OpenDNS host is an Untangle firewall, which has, I believe, some customization in place to make it a bit more user-friendly. It will, on request, generate an .ovpn file, or a .conf file, with the appropriate keys and configuration. The settings I'm seeing there are correct: the network is 10.2.0.0/22, the DC is 10.2.1.196, and once it connects I can ping devices in the host network by IP and can access network services by IP. The options error means that the entire DNS push request is ignored, and the DNS update does not get dropped into resolv.conf, so despite the fact that I am invoking the systemd resolv update script, there's nothing for it to do. And as a result, I cannot access any machine in the host network by name, which is a problem if the intent is to test authentication to a DC from within Linux.

On a Windows machine, I have downloaded and installed OpenVPN from their web site, and I have used an .ovpn file generated by the firewall on that machine. Both with that machine's original OpenVPN 2.4.3 install, and the later 2.4.8 install, I was able to connect without issue and the internal network names resolved without issue.

So the problem I'm seeing is apparently with something on the Mint 19 / OpenVPN 2.4.4 default install. If I knew what part of the push was being problematic, I might be able to tweak the firewall to not include it in the request; but without that information, I'm kind of stuck. Please don't suggest that I visit the OpenVPN forums for this, mention of Untangle basically seems to shut them off; and this issue has also been beaten to an unresolved standstill on the Untangle forums.
Pippin
Level 4
Posts: 437
Joined: Wed Dec 13, 2017 11:14 am
Location: The Shire

Re: OpenVPN: Problem handling a DNS Push request

Post by Pippin »

Apparently, update-resolv-conf isn't working since Ubuntu 18.04, something to do with a change to netplan.

From what I read, the following should solve it:

Code:

sudo wget https://raw.githubusercontent.com/jonathanio/update-systemd-resolved/master/update-systemd-resolved -P /etc/openvpn/
sudo chmod +x /etc/openvpn/update-systemd-resolved

Change from your previous topic:

Code:

setenv PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
script-security 2
up /etc/openvpn/update-systemd-resolved
up-restart
down /etc/openvpn/update-systemd-resolved
down-pre

Add to client config:

Code:

dhcp-option DOMAIN-ROUTE .

(there's a dot at the end!)

More here:
https://github.com/jonathanio/update-systemd-resolved
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
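
The client log quoted in this thread shows the Linux client rejecting only register-dns, which is a Windows-only option; the pushed dhcp-option entries are still handed to the up script (here update-systemd-resolved) as foreign_option_N environment variables. The script below is an added example, not part of any post or of either project's code: it replays the quoted PUSH_REPLY line, with hypothetical function names, and assumes the client config has no dhcp-option lines of its own.

```shell
#!/bin/sh
# Constructed sample: the PUSH_REPLY line copied from the client log in this thread.
SAMPLE_LOG="PUSH: Received control message: 'PUSH_REPLY,register-dns,route 10.2.0.0 255.255.252.0,route 172.16.228.0 255.255.255.0,topology net30,ping 10,ping-restart 60,redirect-gateway def1,dhcp-option DNS 10.2.1.196,dhcp-option DOMAIN something.local,ifconfig 172.16.228.6 172.16.228.5,peer-id 1,cipher AES-256-GCM'"

# push_options LOGLINE (hypothetical helper): print one pushed option per line.
# Returns 1 when the line carries no PUSH_REPLY.
push_options() {
    po_line=$1
    case $po_line in
        *"'PUSH_REPLY,"*) ;;
        *) return 1 ;;
    esac
    po_line=${po_line#*"'PUSH_REPLY,"}   # drop everything up to the first option
    po_line=${po_line%"'"*}              # drop the closing quote
    printf '%s\n' "$po_line" | tr ',' '\n'
}

# foreign_options LOGLINE (hypothetical helper): print the foreign_option_N
# variables a non-Windows client exports to its up script, one per pushed
# dhcp-option, numbered from 1 in the order received.
# Assumption: the client config adds no dhcp-option lines of its own.
foreign_options() {
    push_options "$1" | {
        n=0
        while IFS= read -r opt; do
            case $opt in
                "dhcp-option "*)
                    n=$((n + 1))
                    printf "foreign_option_%d='%s'\n" "$n" "$opt" ;;
            esac
        done
    }
}

# windows_only LOGLINE (hypothetical helper): print pushed options that only
# the Windows client implements. The list is limited to the single option the
# log in this thread shows being rejected.
windows_only() {
    push_options "$1" | grep -x -e 'register-dns' || true
}

echo "Rejected by the Linux client: $(windows_only "$SAMPLE_LOG")"
echo "Handed to the up script:"
foreign_options "$SAMPLE_LOG"
```

If the up script receives no foreign_option_N variables at all, the DNS server was never pushed; if it receives them and names still do not resolve, the fault lies in the script or the resolver rather than in the push.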

Re: OpenVPN: Problem handling a DNS Push request

Post by chazz_tsc »

Okay, that mostly worked. It's a major step up certainly, thank you very much for that - I wouldn't have known where to start looking - but I don't know if we're completely out of the woods yet.

I unfortunately have to trot off to an unrelated job today and tomorrow, so I can't investigate in depth, but at the moment while I can ping machines in the host network by name, I'm unsure whether I can access file shares by name. Nemo, when I go into network / Windows network, still shows only open shares on my local network. More on this when I get a chance, of course.

Re: OpenVPN: Problem handling a DNS Push request

Post by Pippin »

Ok nice, so that worked. Will make note because I'm still on Mint 18.3 (16.04)

Better to open a new topic for accessing SAMBA shares.

Re: OpenVPN: Problem handling a DNS Push request

Post by Pippin »

Oh yeah, I saw your post on Untangle.

What push error do you mean?
If it's

Code:

Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:1: register-dns (2.4.4)

I already answered here:
viewtopic.php?f=157&t=305614&p=1716586#p1716543
;)

Re: OpenVPN: Problem handling a DNS Push request

Post by chazz_tsc »

So you did. My apologies; for some reason I thought that error applied to the entire push request rather than just that bit of it.

I'm honestly not worried yet about SAMBA; I don't need access to file shares, I'm just using it as a diagnostic at the moment. What I'm trying to do is have a Linux machine authenticate to the domain so that the users don't have to remember yet another password to access things that will be on Linux. And I won't be asking about that unless my research to date proves broken. But some ancient forms of authentication use shares like $LOGIN and my worry, if it is a worry at all, is that without file shares visible I might not be able to find those. My research to date though would suggest strongly that Kerberos don't care.