Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Avoid creating PPTP default routes' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Avoid creating PPTP default routes
Authored by: Kirke on Oct 09, '04 02:54:58AM

This hint is great, but I have a couple of questions just to clarify what's going on and a bit of a problem that maybe someone can help solve.

First, is it fair to assume that ip-up (and ip-down) are files that [something] looks for and executes when initiating (and ending) a VPN session? It just happens that they are missing/not used by default? Is "[something]" Internet Connect or is this a more standard unix thing?

Ok, now here's my problem--a bit of a catch-22 actually. The DNS that can resolve the names of internal servers to their corresponding IP addresses is itself only available "internally." Let me give an example; maybe that will explain this better.

Pretend I work for Zippy Foods and want to connect to VPN. The VPN server's address is, the public Web site is and there is an internal server called The DNS that can resolve the name is at and is only reachable from inside the network.

So, following the instructions from hint, I get to the resolver step and create a new file called that looks like:
nameserver [something cryptic]
port 53
timeout 1

So now I try to connect to the VPN at or go to the public Web site and get an error since it can't resolve those names. Since they are part of, my computer tries to ask about them and gets no response (because it's not reachable from outside the network).

I can fix the VPN part by changing my parameters to look for the IP address of the VPN server instead (no big deal). But that doesn't solve the issue of not being able to get to the public Web site when not connected to the VPN.

I thought maybe a new entry in the /etc/resolver directory for pointing to local ("ln -s local") might solve this, but it doesn't seem to. There must be a way to resolve this issue. Any suggestions? It seems silly to have to connect to the VPN even to connect to public servers.


[ Reply to This | # ]