Netgate Discussion Forum

    How to set PUBLIC dns server for wan and secure dns server for openvpn

    DHCP and DNS
    2 Posts 1 Posters 1.5k Views
      scorpious

      Hi all,

      This is my first post and my first time setting up pfSense. I have used this forum quite a few times while setting up the router and it has helped me a lot. Thanks again!

      Now to my issue:

      I have pfSense 2.3.2_p1 up and running with 1 WAN connection and 2 PIA VPN connections grouped.

      My firewall rules/manual outbound NAT settings account for the grouped VPN connections and specifically allow 2 devices on the network to pass through the grouped VPN and all other devices to bypass the VPN and use the WAN.

      My connection is good and stable on the VPN.

      I haven't set any DNS server addresses in the DHCP server settings. DNS Resolver is enabled by default, which makes me believe the pfSense router acts as a DNS server.

      What I would like to do is use the fastest DNS server (use namebench or DNSbench to obtain the DNS servers) for WAN (i.e. for all devices that bypass the VPN) and use the PIA-specific DNS servers 209.222.18.218 and 209.222.18.222 for the two devices that use the grouped OpenVPN connection.

      The reason I want to do this is to make sure the VPN connections are secure (I/DNS leak, not necessarily fast) but the WAN connections are fast.

      I feel this has to be done using the DNS Forwarder option and setting the proper host and domain overrides, but I am not sure.

      Is there any disadvantage to using this method? DNS forwarding vs. resolver?

      Thanks

        scorpious

        I guess one option for me is to:

        use the fastest 2 DNS servers as DNS servers 1 and 2 in the DNS server settings for WAN,

        and use 209.222.18.218 for PIAVPN1
        and use 209.222.18.222 for PIAVPN2,

        where PIAVPN1 and PIAVPN2 are the two OpenVPN clients actively connected,
        and uncheck the DNS server list override.

        Not sure if this is correct, but just a thought.

        ashish

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.