Lose DNS when OpenVPN Client is turned on.
-
I'm running 2.4.5.1 and everything was working great. Last Thursday the internet stopped working. After several days of troubleshooting I found that DNS came back after I turned off the OpenVPN client. I don't know what changed as everything was working fine for many months.
Gateway
My VPN_WAN Rules
Resolver
General DNS settings
Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
2 CPUs: 1 package(s) x 2 core(s)
AES-NI CPU Crypto: No
2 Gigs Ram
SSD with ver 2.4.0
IBM Intel Pro PCI-E Quad Port 10/100/1000 Server Adapter 39Y6138 (K210320) -
Forgot to mention that Ping www.google.com and 8.8.8.8 both fail. Does that mean it's a gateway issue?
-
@NasKar - well I don't know enough to tell you where the issue is but if ping to 8.8.8.8 fails it's not a DNS issue. Do you have a WAN IP? Can you ping it? What are your LAN firewall rules? Can you create a allow all outgoing rule on your LAN FIREWALL rules if one is not present, and place it at the top to test if the Firewall settings are doing something?
Going further, does your computer have a valid IP, assuming it's DHCP from PFSENSE.
-
What is your default route, there is an option in the OVPN client page Don't pull routes without this enabled the default route will point out your OVPN interface, may be worth checking.
Diagnostics -> Routes should show you.
Is it an OVPN client or server on your pfSense box?
Andy
1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22
-
@riften said in Lose DNS when OpenVPN Client is turned on.:
@NasKar - well I don't know enough to tell you where the issue is but if ping to 8.8.8.8 fails it's not a DNS issue. Do you have a WAN IP? Can you ping it? What are your LAN firewall rules? Can you create a allow all outgoing rule on your LAN FIREWALL rules if one is not present, and place it at the top to test if the Firewall settings are doing something?
Going further, does your computer have a valid IP, assuming it's DHCP from PFSENSE.
I have WAN IP and can ping it.
Here are my LAN rules
Move the default allow LAN to any rule to the top below the antilockout and still can't ping www.google.com or 8.8.8.8
@NogBadTheBad It is a OVPN client I do have a server that works fine as a road warrior VPN. Checking the option for Don't pull routes doesn't fix the issue.
-
@NasKar
In reading over your first post again, you turn OFF the OPENVPN CLIENT and it works, turn it ON and you cannot get out. Are you normally funneling all outgoing through the VPN? I think we need to know more about how that is setup, as that is where the issue is. -
@riften My setup is for there to be an alias of computer ip addresses that go out the vpn and another alias of web sites that go out the normal gateway. My main computer is on the vpn ip list.
-
What is this :
@NasKar said in Lose DNS when OpenVPN Client is turned on.:
My VPN_WAN Rules
?
Your WAN interface ?
The OpenVPN interface ?These are mine :
-
@NogBadTheBad said in Lose DNS when OpenVPN Client is turned on.:
What is your default route, there is an option in the OVPN client page Don't pull routes without this enabled the default route will point out your OVPN interface, may be worth checking.
Diagnostics -> Routes should show you.
Is the default route your WAN interface ?
-
@Gertjan My VPN_WAN is the interface for my OVPN client that I'm trying to get working. I also have a OpenVPN interface that was created for my Ovpn server to login to my system remotely.
@NogBadTheBad I will check the Diagnositics ->Router with the client VPN turned on and Don't pull routes unchecked when I get home .
-
@NogBadTheBad The default route is my WAN interface
My WAN IP is blurred
The client VPN is on ovpnc6
