Netgate Discussion Forum

    VPN Killing DNS.

    • panzerscope

      Hey guys,

      I am hoping someone can help. While this is related to an issue that comes from my OpenVPN client, it is with respect to DNS.

      I use OpenVPN to connect to an external VPN service (PureVPN) so that I can route specific clients over the VPN for security and port forwarding reasons (my ISP uses CGNAT).

      The issue is when I connect the VPN, sometimes immediately or up to 24 hours later, the DNS dies as my clients can no longer resolve DNS. I have done much messing around to fix the issue to no avail.

      However, I believe it could be due to the VPN inserting routes onto the route table that is killing my DNS. I say this as I was playing with the OpenVPN client config and I stopped the OpenVPN from adding routes to the client table. I checked "Don't Pull Routes", as per the screenshot below.

      a1e1d25b-72d2-4f76-8a23-271589c3f606-image.png
      (Ignore the fact the screenshot shows it as unchecked)

      This worked as everything was working for a week+, so I am fairly confident this is the issue. However, for port forwarding over the VPN (which I need for Plex), this cannot be a long-term solution as using "Don't Pull Routes" kills port forwarding.

      It is worth noting that my "Pull DNS" is disabled on my OpenVPN client config.

      f9af5f70-3f4c-4538-9216-fe1992ce70c3-image.png

      DNS Query Forwarding Mode is also enabled under Services>DNS Resolution so that my clients are using 1.1.1.1 (Cloudflare).

      79adfaaa-0d08-4b4c-8c77-bce3b0d05212-image.png

      My question is, how do I stop my VPN instance from killing my DNS?

      • Bob.Dig LAYER 8 @panzerscope

        @panzerscope What are your DNS settings? If I want to make sure that some hosts only use DNS via the VPN, I only give them a public DNS server and not pfSense, so their DNS will go out to the VPN as everything else.
        Now on pfSense I only use my WAN connection for DNS. This works well for me.

        • Gertjan @panzerscope

          @panzerscope said in VPN Killing DNS.:

          My question is, how do I stop my VPN instance from killing my DNS?

          Not Pu**VPN but the other one: read this. A story about how VPN totally destroys DNS ...

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit: and where are the logs??

          • panzerscope @Gertjan

            @Gertjan said in VPN Killing DNS.:

            @panzerscope said in VPN Killing DNS.:

            My question is, how do I stop my VPN instance from killing my DNS?

            Not Pu**VPN but the other one: read this. A story about how VPN totally destroys DNS ...

            That was a really good read, thanks for pointing that out. I am now testing a new config as mentioned in that thread as per the below screenshot.

            2d216e8d-2f4e-42a5-843a-f6c1b7ff00ad-image.png

            Fingers crossed that will work. DNS has been ok now for 24 hours. Will report back if it passes a week.

            Thanks all.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.