Netgate Discussion Forum

    Any way to avoid DNS leak while still able to resolve local hosts?

      kaiguy

      From what I'm experiencing, it seems to me that a byproduct of avoiding DNS leak is that I can no longer resolve local hostnames. It makes sense, since I'm now pulling DNS from the VPN DNS servers. Is there no way to have both?

      Thanks!

        kaiguy

        Not sure if this is considered best practice, but I went ahead and changed the DNS Resolver settings to use either of my two VPN client interfaces for the Outgoing Network Interfaces setting. All seems to be good now, but obviously on hosts that aren't configured to use the VPN, DNS queries are still going out of the VPN…

        If someone has a better suggestion for how to accomplish this (like somehow only resolving my local domain locally for VPN, else all else goes out the VPN), I'd definitely like to hear it!

          Derelict LAYER 8 Netgate

          You could always just pass DNS (TCP/UDP on port 53) to This firewall and then block all other TCP/UDP port 53 destinations. If that's really what's important to you.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)
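
A way to check that the rule pair suggested above is actually holding, as an added example that is not part of the original thread: it scans `tcpdump -n` output taken on the LAN interface and lists every port 53 packet addressed to something other than the firewall. The addresses, hostnames and capture lines are constructed, and `find_dns_leaks` is a hypothetical helper name.

```python
import re

# Address part of `tcpdump -n` IPv4 output: "IP src.sport > dst.dport: rest"
FLOW_RE = re.compile(
    r"\bIP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<rest>.*)"
)

# Constructed sample capture (assumed LAN 192.168.1.0/24, firewall at 192.168.1.1).
SAMPLE_CAPTURE = """\
12:00:01.000001 IP 192.168.1.50.51234 > 192.168.1.1.53: 4660+ A? nas.home.example. (34)
12:00:01.000900 IP 192.168.1.1.53 > 192.168.1.50.51234: 4660* 1/0/0 A 192.168.1.10 (50)
12:00:02.000001 IP 192.168.1.60.40112 > 203.0.113.53.53: 7001+ A? example.com. (29)
12:00:03.000001 IP 192.168.1.60.40113 > 198.51.100.7.53: Flags [S], seq 1, win 64240, length 0
12:00:04.000001 IP 192.168.1.50.44321 > 203.0.113.10.443: Flags [S], seq 1, win 64240, length 0
""".splitlines()


def find_dns_leaks(lines, firewall_ips):
    """Return (client, destination, proto) for port 53 packets that bypass the firewall.

    firewall_ips: addresses of the firewall itself, the only DNS destination
    the pass rule is meant to allow.
    """
    allowed = set(firewall_ips)
    leaks = []
    for line in lines:
        m = FLOW_RE.search(line)
        if not m or m["dport"] != "53":
            continue  # not a packet sent *to* a DNS port (replies come from port 53)
        if m["dst"] in allowed:
            continue  # query to the firewall's resolver: the permitted path
        # tcpdump prints "Flags [...]" for TCP segments; treat everything else as UDP.
        proto = "tcp" if m["rest"].startswith("Flags [") else "udp"
        leaks.append((m["src"], m["dst"], proto))
    return leaks


if __name__ == "__main__":
    for client, dst, proto in find_dns_leaks(SAMPLE_CAPTURE, {"192.168.1.1"}):
        print(f"DNS bypass: {client} -> {dst} ({proto}/53)")
```

With the block rule in place, a capture on the WAN side should produce no such packets from LAN clients; any hit on the LAN side only shows which hosts are still configured with an outside resolver.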

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.