default route, and dns

Thu Jun 25 22:18:47 PDT 2015


Why does openconnect add a default route through the vpn?  Since the 
existing default is still there, I now have two.  (This is openconnect on 
osx from homebrew.)  Traceroutes to various systems inside and outside 
the remote end seem to go the right way though.

It doesn't add default routes on my linux box with openconnect that I 
built myself, but maybe I removed something from the vpnc-script. It has 
been a while since I set it up so I can't remember.

I'd also like to know what people do about dns.  On windows with the 
cisco client, dns magically works, resolving through the vpn to internal 
dns servers when necessary.  For linux/osx openconnect clients I run a 
caching dns server with forwarders for domains inside the vpn.  The 
problem is I don't know every possible domain I should forward, as the 
company is big and uses a lot of them.


