How can I use DNS Host Override (DNS Resolver) on a VPN connection?

  • Hello All,

    I have a VPN set up on pfSense to set an alias list of internal IPs to that VPN (see below link). For some reason that I don't understand, these IPs need to have a specific DNS address assigned to them. It seems I can use the VPN DNS server, Google's or OpenDNS Family; however, my pfSense DNS Resolver will not work as advised in the link.

    In my DNS Resolver, I have a host override that redirects a host to a different external IP, and as we can see, my VPN'd device can't access this host override. Do I have a way to get my IPs using the VPN to do a host override? In my DNS Resolver I have the ability to allow it on the VPN interface as well, but I don't really understand the ramifications.

    VPN Setup:

    1. Fix DNS
      Navigate to Services -> DHCP Server
      Remember those static mappings you made earlier for your machines in your pia_redirect_group? Open them up and add DNS servers to them.
      The reason we want to use external servers and not the DNS Resolver is that this will make any machine in the pia_redirect_group send its DNS queries down the VPN. If queries were sent to your default resolver, they would go out your WAN gateway and not your VPN. This would be a leak. Machines on your VPN should now be able to visit websites correctly (you may need to renew their DHCP leases).

    My DNS Resolver settings:
    Enable DNSSEC Support

    Custom options:
    do-not-query-localhost: no

    name: "."
    server:include: /var/unbound/pfb_dnsbl.*conf
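As an added illustration (not part of the original post, and not pfSense's generated configuration), the Unbound fragment below shows the pieces the question touches in one place: a host override expressed as `local-zone`/`local-data`, `access-control` for the VPN client subnet, and a `forward-zone` that sends every other query to the VPN provider's resolver through the tunnel address, so the override still applies while no query leaves over the WAN. All addresses (192.0.2.0/24 clients, 10.8.0.2 tunnel address, 10.8.0.1 VPN resolver, 203.0.113.10 override target) are assumed placeholders; in pfSense these settings are normally produced by the GUI, with the `forward-zone` stanza being the one place a `name: "."` line belongs.

```conf
server:
    # Answer on the LAN and on the VPN client subnet (assumed 192.0.2.0/24).
    interface: 0.0.0.0
    access-control: 192.0.2.0/24 allow
    access-control: 127.0.0.0/8 allow

    # Send upstream queries out the tunnel address (assumed 10.8.0.2),
    # not the WAN address, so forwarded lookups cannot leak via the WAN.
    outgoing-interface: 10.8.0.2

    # Kept from the original custom options: permit forwarding to a
    # resolver that listens on localhost (e.g. a DNSBL helper).
    do-not-query-localhost: no

    # Host override: only this one name in the zone is rewritten;
    # "transparent" lets every other name in example.com resolve normally.
    local-zone: "example.com." transparent
    local-data: "host.example.com. A 203.0.113.10"

# Everything not answered locally is forwarded to the VPN provider's
# resolver (assumed 10.8.0.1) rather than resolved recursively over the WAN.
forward-zone:
    name: "."
    forward-addr: 10.8.0.1
```

A quick check after reloading is to query the resolver from a VPN-routed client (`dig host.example.com @<resolver-ip>`) and confirm the answer is the override address, then query an unrelated name and confirm via `tcpdump` on the WAN interface that no port 53 traffic for it leaves there.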