Is it just easier…
-
So somehow or some way I have a DNS leak using PIA's DNS servers.
I've attempted to follow the various "how to's" presented both here and from PIA, but the leak remains.
Would it be easier to uninstall the entire openvpn program, flush all of the associated settings, and start from scratch? Or some of that?
Ideas? -
Probably not. A broken config will probably still be broken.
What is the flow of your DNS starting with the DNS servers the clients are being told to use?
-
209.222.18.222
Modem, 216.227.XXX.XXX
PFSense
PCI hope that is what you wanted.
-
Might help if you actually explain your setup instead of being so terse requiring assumptions be made.
-
PC to a Linksys router in bridge mode, cheap DIY box running 2.4.2-RELEASE-p1 (amd64) with 4gb of ram, DHCP server, pfblockerg and squid, to DSL modem.
When I check the DNS settings, it comes up as a PIA address, but when I test using dnsleaktest.com it shows my actual address, not the PIA one. -
"and squid"
And you setup squid to use whatever dns you want? This 209.222.18.222 IP? You do understand using a proxy, the client asks the proxy to go to www.domain.tld for it… So the proxy looks that fqdn up.. not the client.
-
Wouldn't squid use whatever DNS servers I specify?
Initially when I set this box up, I wasn't using any VPN. Then I think you helped me out with using openvpn to the actual box, which worked great until I decided I wanted to anonymize my traffic.
-
I'm thinking my idiot ass needs to read the freaking manual. Again.
I do own Mastering PFSense by David Zientara and pfsense 2 cookbook by Matt Williamson. -
squid will use the system dns… So normally that would be the resolver (unbound) resolving so yes it would list your IP in some sort of dnsleak test because your resolving. If you want the resolver to go down your vpn to resolver, then set it outbound interface to be your vpn interface..
-
Amazing what a little "light" reading can do for you, that and stepping away from it all when your eyes feel like they have sand in them.
Opted to restore my pfsense install from a period before I started trying to hide my traffic.
Worked great. Then I followed a more recent DIY to install openvpn and PIA, and what do you know, it freaking worked. I even went to a bunch of dns leak test sites, and voila, NO MORE DNS LEAKS!
My traffic is protected from prying eyes, and my children can't see things that they won't forget by using pfblockerngHowever, this leaves me without the ability to remote into my pfsense box from work. Another project for another day!
