EXPRESS VPN DNS Edit: Issue resolved.
-
I just installed pfsense 2.4.4 and followed expressvpn's guide which is no good by the way. Instead of routing the local subnet I set my personal IP as the alias so that only I would be routed through the vpn. I have the dns resolver enabled with query forwarding, dnssec, dns over tls, and quad 9 dns server set in general setup so that non vpn clients would use that. How do I set it up so that openvpn clients get dns handled automatically by expressvpn?
-
create an alias for all the devices you want to go through that tunnel, change the default gateway to that tunnel
then under DHCP Static Mappings for this Interface > edit the devices and change the DNS servers to your providers DNS
-
@bcruze I already contacted expressvpn and they wont give me their dns server addresses. Another question, in the 3rd picture I have posted is that where I setup the static mapping?
-
This post is deleted! -
@nogbadthebad this is what it currently looks like.
-
Looks fine, I answered the post on my mobile just saw the dhcp lease page, that made me assume that you were changing the default gateway in the DHCP section.
-
@nogbadthebad Do you know how I get expressvpn to hand out the dns automatically? Right now everything is quad 9 dns.
-
I use NordVPN and they document their DNS servers so I hard code that in my DNS settings for the NordVPN only subnet.
You need to know what ExpressVPN use and then maybe change the static DHCP entry for room_doob.
If you set it to 8.8.8.8 it would use the nearest Google DNS server to the ExpressVPN exit point.
-
@nogbadthebad I use to use the nordvpn client but it always gave me issues with amazon. I switched to expressvpn and it's been great, I started with the windows client, then I ran it on a asus ac86u, and in the pursuit of getting more speed I switched to pfsense. Unfortunately they wont give me their dns listening server and it drives me nuts that it worked so flawlessly on asuswrt.
-
Just use 8.8.8.8 it should resolve in country to the exit point.
-
This post is deleted! -
How do you get the other options to show up? I only have LAN. I'm a noob at this.
-
@nogbadthebad I disabled the dns resolver, enabled the dhcp server, and did the static route using google dns server. Performed a dns leak test and it came up with google, no dice on the expressvpn dns.
-
@bubble_bath said in EXPRESS VPN DNS:
@nogbadthebad Do you know how I get expressvpn to hand out the dns automatically? Right now everything is quad 9 dns.
make a connection to express vpn. login to pfsense > go to diagnostics then command prompt > and the box type in IFCONFIG (not ipconfig) and under your interface for Expressvpn. it will show something similar to: inet 10.32.86.105 --> 10.32.86.1 the 2nd number is their DNS server/ gateway address
-
Don't change the whole lan just the client you want to route via ExpressVPN.
Set up a static mapping.
-
I got it working, after setting up the port forward I had to go to firewall - rules - lan and move up the new rule so that vpn dns grabs before the dns resolver.
granted this is with mullvad but I also got it working with expressvpn. Since express doesn't give out their dns and it can't be found in the ovpn config; easiest solution is running their client on your desktop and using cmd commands to find the dns address being used inside the tunnel.
