How to enable DNS resolution for hosts connected to pfsense from an OpenVPN client without forcing all DNS queries over the VPN?
How to enable name resolution of computers connected to pfsense (192.168.1.1/24) when connecting remotely as a client (into 192.168.2.1/24)?
What has been done so far:
- Clean install of pfsense 2.4.4 + update to 2.4.4-RELEASE-p2
- Set up OpenVPN as "Remote Access (SSL/TLS + User Auth)"
- Installed the "OpenVPN Client Export" package
- Created users + user certificates
- Exported their certificates / config files
Observations/Diagnostics:
- The OpenVPN client connects successfully onto the 192.168.2.1/24 subnet; however, it does not resolve any hostnames from the 192.168.1.1/24 subnet.
- The OpenVPN client can SSH into machines on the 192.168.1.1/24 subnet using their IP addresses.
- Machines on the 192.168.1.1/24 subnet resolve the names of other machines on the subnet using their hostnames only or FQDN format: hostname.localdomain.
- Both Windows 10 and Android OpenVPN clients are not resolving hosts on the 192.168.1.1/24 subnet.
What needs to be done in order for an OpenVPN client on the 192.168.2.1/24 subnet to be able to resolve the 192.168.1.1/24 subnet?
The OpenVPN client can have high latency, so ideally only the DNS queries for the 192.168.1.1/24 subnet would be done over the VPN and all other resolutions through either the client's existing DNS or 8.8.8.8.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.