Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to enable DNS resolution for hosts connected to pfsense from an OpenVPN client without forcing all DNS queries over the VPN?

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 246 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      real_interface
      last edited by real_interface

      How to enable name resolution of computers connected to pfsense (192.168.1.1/24) when connecting remotely as a client (into 192.168.2.1/24)?

      What has been done so far:

      • Clean install of pfsense 2.4.4 + update to 2.4.4-RELEASE-p2
      • Set up OpenVPN a "Remote Access SSL/TLS + User Auth)"
      • Installed the "OpenVPN Client Export" package
      • Created users + user ceritifaces
      • Exported their certificates / config files

      Observations/Diagnostics:

      • The OpenVPN client connects successfully onto the 192.168.2.1/24 subnet however it does not resolve any hostnames from the 192.168.1.1/24 subnet.
      • The OpenVPN client can SSH into machines on the 192.168.1.1/24 subnet using their IP addresses.
      • Machines on the 192.168.1.1/24 subnet resolve the names of other machines on the subnet using their hostnames only or FQDN format: hostname.localdomain.
      • Both Windows 10 and Android OpenVPN clients are not resolving hosts on the 192.168.1.1/24 subnet.

      What needs to be done in order for a OpenVPN client on the 192.168.2.1/24 subnet to be able to resolve 192.168.1.1/24 subnet?

      The OpenVPN client can have high latency so ideally only the DNS queries for the 192.168.1.1/24 subnet would be done over the VPN and all other resolutions through either the clients existing DNS or 8.8.8.8.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.