DNS server push for OpenVPN split tunnelling
-
Hi community!
I am using pfsense and OpenVPN for VPN connectivity for my office. Currently all internet traffic goes through the OpenVPN connection. This isn't ideal, so we would like to implement split tunnelling. We've had a go at this already but noticed that when the DHCP reservation is given to a VPN user, no DNS server is supplied despite being set. This is stopping remote LAN name resolution. As soon as we disable split tunnelling the DNS server is set and resolution works.
Any help/explanation would be greatly appreciated.
Matt
-
@mstanding
Seems like you're missing the route to the DNS server.
So check the DNS setting on the client and if the route to the server is added to the client.
-
Hi @viragomann ,
I can see a route to the network and I am able to tracert/ping a host on the network - but by IP only.
-
@mstanding
And what about the client's DNS settings? Does it even use the remote DNS server?
-
Hi @viragomann ,
No. No DNS server is specified.
-
@mstanding
So either add the remote DNS server as primary DNS on the client or configure the OpenVPN server (assume this is the office) to provide a DNS (remote access mode) and the client to pull the DNS from the server.
-
@viragomann said in DNS server push for OpenVPN split tunnelling:
configure the OpenVPN server (assume this is the office) to provide a DNS (remote access mode) and the client to pull the DNS from the server.
Thanks @viragomann , how would we do this?
-
@viragomann I mean we add the company DNS server address into the DNS server settings for the split tunnelling and it doesn't get advertised to the clients.
-
@mstanding said in DNS server push for OpenVPN split tunnelling:
I mean we add the company DNS server address into the DNS server settings for the split tunnelling
You have to provide it in the OpenVPN server settings:
it doesn't get advertised to the clients.
And on the client:
If this doesn't work, check the client's OpenVPN log for hints on what's wrong.
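-
Added example (not part of the thread, and not code from any poster or from the OpenVPN or pfSense projects): a Python check for the log step in the last reply. It reads the `PUSH_REPLY` line an OpenVPN client logs and reports whether a DNS server was pushed and whether a pushed route (or the tunnel subnet) covers it; the sample log line, its addresses and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample client log line (addresses are made up for illustration).
SAMPLE_LOG = """\
2024-01-10 09:00:01 PUSH: Received control message: 'PUSH_REPLY,route 192.168.10.0 255.255.255.0,dhcp-option DOMAIN office.example,dhcp-option DNS 192.168.10.5,route-gateway 10.0.8.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.0.8.2 255.255.255.0'
"""

def parse_push_reply(log_text):
    """Return the options of the last PUSH_REPLY in the log, or None if absent."""
    matches = re.findall(r"PUSH_REPLY,([^'\n]*)", log_text)
    return [o.strip() for o in matches[-1].split(",") if o.strip()] if matches else None

def check_split_dns(log_text):
    """Report pushed DNS servers and whether each is reachable via a pushed network."""
    opts = parse_push_reply(log_text)
    if opts is None:
        return {"dns": [], "full_tunnel": False,
                "findings": ["no PUSH_REPLY in log (is the client pulling options?)"]}
    dns, nets, full_tunnel = [], [], False
    for opt in opts:
        parts = opt.split()
        try:
            if parts[:2] == ["dhcp-option", "DNS"] and len(parts) == 3:
                dns.append(ipaddress.ip_address(parts[2]))
            elif parts[0] in ("route", "ifconfig") and len(parts) >= 2:
                # A route without a netmask is a host route; ifconfig gives the tunnel subnet.
                mask = parts[2] if len(parts) >= 3 else "255.255.255.255"
                nets.append(ipaddress.ip_network(f"{parts[1]}/{mask}", strict=False))
            elif parts[0] == "redirect-gateway":
                full_tunnel = True  # all traffic goes through the VPN, DNS included
        except ValueError:
            continue  # hostname routes, net30-style ifconfig, etc. are not checked here
    findings = []
    if not dns:
        findings.append("server pushed no 'dhcp-option DNS'")
    for server in dns:
        if not full_tunnel and not any(server in net for net in nets):
            findings.append(f"no pushed route covers DNS server {server}")
    return {"dns": [str(d) for d in dns], "full_tunnel": full_tunnel, "findings": findings}

if __name__ == "__main__":
    print(check_split_dns(SAMPLE_LOG))
```

An empty `findings` list only shows that the server pushed usable options; whether the client operating system applied the DNS server still has to be checked on the client itself.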