Netgate Discussion Forum

    OpenVPN won't block external DNS

      SteveMason

      Running version 2.4.3_1

      Under VPN > OpenVPN > Client Export, I selected the following option:

      Block Outside DNS: Block access to DNS servers except across OpenVPN while connected, forcing clients to use only VPN DNS servers.
      Requires Windows 10 and OpenVPN 2.3.9 or later. Only Windows 10 is prone to DNS leakage in this way, other clients will ignore the option as they are not affected.

      However, when I run the client on my Windows 10 PC:
      a) Windows attempts to use its "normal" DNS servers, whether manually assigned or via DHCP.
      b) External DNS queries are not blocked.

      OpenVPN is connected and I get the following from the CLI:
      C:\Users>nslookup
      Default Server: dns.quad9.net
      Address: 9.9.9.9

      www.google.com
      Server: dns.quad9.net
      Address: 9.9.9.9

      Non-authoritative answer:
      Name: www.google.com
      Addresses: 2a00:1450:4009:810::2004
      216.58.206.100

        SteveMason

        Must've been legacy config or some such as the uninstaller doesn't clear down old files.

        Uninstall, manual deletion of old files from c:\Program Files\OpenVPN and a full reboot before reinstall seem to have done the trick.

        This can be closed but uninstaller needs work ;)

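An added example, not part of the original posts and not pfSense or OpenVPN code: because the fix in this thread was clearing out leftover files, this Python sketch audits the `.ovpn` profiles left on disk for OpenVPN's `block-outside-dns` directive, which the Client Export option is assumed to write into the profile. The sample profiles, the function names and the three status labels are constructed for illustration.

```python
from pathlib import Path

DIRECTIVE = "block-outside-dns"

# Constructed sample profiles (not taken from the thread).
SAMPLES = {
    "fresh-export.ovpn": "client\ndev tun\nremote vpn.example.com 1194 udp\nblock-outside-dns\n",
    "compat.ovpn": "client\nsetenv opt block-outside-dns\n",
    "stale.ovpn": "client\ndev tun\n# block-outside-dns\n",
    "filtered.ovpn": 'client\npull-filter ignore "block-outside-dns"\n',
}


def dns_block_status(profile_text):
    """Classify a profile as 'enabled', 'filtered' or 'absent'."""
    filtered = False
    for raw in profile_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        tokens = line.replace('"', " ").replace("'", " ").split()
        if tokens[:2] == ["setenv", "opt"]:  # 'setenv opt X' applies X if the client knows it
            tokens = tokens[2:]
        if tokens == [DIRECTIVE]:
            return "enabled"                 # set locally; pull-filter only affects pushed options
        if (len(tokens) == 3 and tokens[:2] == ["pull-filter", "ignore"]
                and DIRECTIVE.startswith(tokens[2])):
            filtered = True                  # a server-pushed copy would be dropped (prefix match)
    # 'absent' means the profile relies on the server pushing the directive.
    return "filtered" if filtered else "absent"


def audit_profiles(root):
    """Map every .ovpn file under root (relative path) to its status."""
    root = Path(root)
    return {str(p.relative_to(root)): dns_block_status(p.read_text(errors="replace"))
            for p in sorted(root.rglob("*.ovpn"))}


if __name__ == "__main__":
    # Root is the install path named in the thread; adjust for other installs.
    for name, status in audit_profiles(r"C:\Program Files\OpenVPN").items():
        print(f"{status:9} {name}")
```

A profile reported as `absent` or `filtered` is the one to re-export or delete before reconnecting; simplification: `pull-filter accept` rules are not evaluated.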