Any way to avoid DNS leak while still able to resolve local hosts?



  • From what I'm experiencing, it seems to me that a byproduct of avoiding DNS leak is that I can no longer resolve local hostnames. It makes sense, since I'm now pulling DNS from the VPN DNS servers. Is there no way to have both?

    Thanks!



  • Not sure if this is considered best practice, but I went ahead and changed the DNS Resolver settings to use either of my two VPN client interfaces for the Outgoing Network Interfaces setting. All seems to be good now, but obviously on hosts that aren't configured to use the VPN, DNS queries are still going out of the VPN…

    If someone has a better suggestion for how to accomplish this (like somehow only resolving a my local domain locally for VPN, else all else goes out the VPN), I'd definitely like to hear it!


  • LAYER 8 Netgate

    You could always just pass DNS (TCP/UDP on port 53) to This firewall and then block all other TCP/UDP port 53 destinations. If that's really what's important to you.


Log in to reply