Trouble configuring split OpenVPN
Hi,

I am working with a client that has their own OpenVPN server configured, which I want to configure on my machine as a split tunnel VPN. I only want to route my traffic through their network to resources that they provide access to, otherwise use whatever the default network setup I happen to be on.

I've been successful in routing known IP addresses through the tunnel, but I'm stuck with a nameserver problem - I can't resolve a host even when I add the ipv4 address to list of routes (see below). I'm wondering if there are any networking gurus here that can give me a hand.

I'm using Tumbleweed, Gnome, and Network Manager.

I've been given an OpenVPN configuration file (client.ovpn) that I've loaded into the Gnome VPN settings GUI twice - once for the full tunnel and another for my "split" tunnel. I've configured the split tunnel connection as follows:

# nmcli connection modify <split> dns=<local dns>
# nmcli connection modify <split> ignore-auto-dns=true
# nmcli connection modify <split> +ipv4.routes <cidr/32>

When connecting to the split tunnel, I can access some of the resources based on IP, but others are not resolvable. Also, this is not really ideal as I'm setting up my DNS for this connection manually, rather than using what my LAN is providing.

The difference between the hosts I can/can't resolve seems to be related to name servers. The hosts that I can connect to are also resolvable without the VPN (e.g. 'ping' is able to resolve the host -> ip but refuses my connection), whereas the hosts that are not resolvable without VPN remain unresolvable with the split VPN tunnel. The problem is that I don't know what information I need to configure the split tunnel correctly.

This is what nslookup returns for one of the unresolvable hosts while connected to the full VPN. Isn't 8.8.8.8 just Google?

$ nslookup <the host>
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: <the host>
Address: 10.243.a.b
Name: <the host>
Address: 10.243.c.d
Name: <the host>
Address: 10.243.e.f

Thanks in advance,
Chris
On 03/02/2021 09.55, Chris Coutinho wrote: ...
This is what nslookup returns for one of the unresolvable hosts while connected to the full VPN. Isn't 8.8.8.8 just Google?
$ nslookup <the host>
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: <the host>
Address: 10.243.a.b
Name: <the host>
Address: 10.243.c.d
Name: <the host>
Address: 10.243.e.f
Yes, 8.8.8.8 is Google. Typically you would use a DNS server from inside the network you access with the VPN, to resolve names of that network. An outside server will not know them.

--
Cheers / Saludos,
Carlos E. R.
(from 15.2 x86_64 at Telcontar)