Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Troubleshooting DNS failures over VPN from Win11 clients

    Scheduled Pinned Locked Moved
    IPsec
    2
    4
    516
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      smk
      last edited by smk

      Hi

      Would appreciate any help to troubleshoot why DNS resolutions are failing after Windows 11 clients successfully make VPN connections to pfsense+ ver 23.09.1-RELEASE.

      Configurations:

      • Configured pfsense+ with IPsec Remote Access VPN Using IKEv2 with EAP-MSCHAPv2 by followingthese steps.
      • Windows client configured following these steps.

      On the Windows client, after connecting to VPN see here

      DNS Servers is showing to be set correctly (192.168.222.1). I believe the reason for DNS failure is that the DNS Server is showing unknown.

      Client configurations made on pfsense+ : see here

      Can someone please help me why DNS is failing on clients after a successful VPN connection? What am I missing?

      Thanks in advance
      Best Regards
      SMK

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @smk
        last edited by

        @smk what server is 168.63.129.16 ?? Why would he know about your stuff?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.03 | Lab VMs 2.7.2, 24.03

        S 1 Reply Last reply Reply Quote 0
        • S
          smk @johnpoz
          last edited by smk

          Thanks @johnpoz. Apologies for the delay in response.

          168.63.129.16 is a virtual public IP address that is used by Azure to facilitate a communication channel to Azure where the client VM resides.

          You hit it on the nail! No problems when testing on a laptop as VPN client!

          It bothers me that the Default Gateway is not being set on the VPN connection. How can I force that to be set from pfsense?

          Regards

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @smk
            last edited by

            @smk said in Troubleshooting DNS failures over VPN from Win11 clients:

            Default Gateway is not being set on the VPN connection.

            Pfsense does what you tell it to do - just because you connect to some vpn service - unless you tell pfsense to route all traffic out that connection, why would you think it should be default?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.03 | Lab VMs 2.7.2, 24.03

            1 Reply Last reply Reply Quote 0
            • First post
              Last post