OpenVPN and Full DNS in Viscosity



  • Hi

    I have a DNS issue with OpenVPN where apparently the Viscosity client is using split DNS and only using the OpenVPN pushed DNS servers to resolve the DNS Default Domain registered in the OpenVPN server. Other domains are resolved by the regular Windows DNS servers (I believe).

    If I select preferences → Edit → Networking → DNS in the Viscosity client and change the selection from "Automatic" to "Full DNS" it works. Is there a way to push this setting from the pfSense OpenVPN server or do I need to distribute new connection profiles to the Viscosity users?

    Lars



  • Found a workaround. I my case I only need two domains to use the DNS servers configured by the VPN client. In order to achieve this, I put the first domain in the "DNS Default Domain" box of the OpenVPN server configuration in pfSense. The second domain is pushed as an option by entering the following in the "Custom options" box:

    push "dhcp-option DOMAIN second-domain.com"
    

    This works. Would be cumbersome for a lot of domains but not a problem for a few as more "push" lines can be entered if required. Requires no change on the client side which is a real plus for me (100+ clients).

    Lars



  • As far as I know one should use one line for every push option.
    That would be:

    push "dhcp-option first-domain.com"
    push "dhcp-option second-domain.com"
    

    You can check if your method works correct in the client log, should look something like:

    SENT CONTROL [Server]: 'PUSH_REQUEST' (status=1)
    Fri Nov 24 13:58:10 2017 us=31484 PUSH: Received control message: 'PUSH_REPLY,..........,dhcp-option DOMAIN first-domain,dhcp-option DOMAIN second-domain,..........'
    

Log in to reply