Unable to use Torguard internal VPN DNS



  • Hi pfpeople,

    I'm using Torguard VPN for a few specific clients on my firewall. Those VPN clients exit via the Torguard VPN gateway, all other clients go out via the WAN gateway. However, I'm not able to use the Torguard internal VPN servers ( 10.9.0.1 & 10.8.0.1 ) for those VPN clients.

    Important detail: I have used this guide ( https://www.netgate.com/blog/dns-over-tls-with-pfsense.html ) to set up DNS over TLS for regular clients that exit via WAN (in System>General Setup under 'DNS Server Settings' I have the two Quad9 DNS servers, 9.9.9.9 & 149.112.112.112).

    I gave every VPN client two DNS servers (Services>DHCP Server>Interface>Edit Static Mapping) for the moment, but this is kinda leaky as hell and therefore pointless. Adding 10.9.0.1 & 10.8.0.1 here does not work, but I have no idea why.

    Can someone please explain what I'm doing wrong here? Do I add the Torguard internal VPN servers ( 10.9.0.1 & 10.8.0.1 ) to System>General Setup? Do I need to add them to the custom config of General DNS Resolver Options? ... ?

    Big thank you in advance for any help.



  • OMG, the stupidity, it burns!

    I had a rule allowing DNS requests only to the firewall itself. I re-added the internal VPN DNS servers with their respective VPN gateway to System>General and made a rule allowing the VPN clients to use DNS only with the internal VPN DNS servers, above the other rule. Fixed.

    Sorry for cluttering up the forum with stupidity :(
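
The rule-order problem from the last post, modeled as an added example (not part of the thread and not pfSense code): interface rules are evaluated top-down and the first match wins. The LAN addresses, the VPN client subnet and the explicit block rules are assumptions; only 10.9.0.1 and 10.8.0.1 come from the thread.

```python
from ipaddress import ip_address, ip_network

FIREWALL = "192.168.1.1"            # assumed LAN address of the firewall
VPN_CLIENTS = "192.168.1.64/28"     # assumed subnet holding the VPN-routed clients
VPN_DNS = ("10.9.0.1", "10.8.0.1")  # internal VPN resolvers named in the thread
ANY = "0.0.0.0/0"

def rule(action, src, dst, port=53):
    """One simplified firewall rule: action, source net, destination net, port."""
    return {"action": action, "src": ip_network(src),
            "dst": ip_network(dst), "port": port}

# Before the fix: DNS is allowed only to the firewall itself.
# The trailing block rule is an assumption about how that was enforced.
BEFORE = [
    rule("pass", ANY, FIREWALL + "/32"),
    rule("block", ANY, ANY),
]

# After the fix: VPN clients may query only the internal VPN resolvers,
# and these rules sit ABOVE the older firewall-only rules.
# The block rule for VPN clients is an assumption that keeps their DNS from
# falling through to the firewall resolver (the leak mentioned in the thread).
AFTER = (
    [rule("pass", VPN_CLIENTS, dns + "/32") for dns in VPN_DNS]
    + [rule("block", VPN_CLIENTS, ANY)]
    + BEFORE
)

def evaluate(rules, src, dst, port=53):
    """Return the action of the first matching rule; deny if nothing matches."""
    for r in rules:
        if (ip_address(src) in r["src"] and ip_address(dst) in r["dst"]
                and port == r["port"]):
            return r["action"]
    return "block"

if __name__ == "__main__":
    vpn_client, wan_client = "192.168.1.66", "192.168.1.10"  # constructed hosts
    for name, rules in (("before", BEFORE), ("after", AFTER)):
        for src in (vpn_client, wan_client):
            for dst in (FIREWALL, "9.9.9.9") + VPN_DNS:
                print(f"{name:6} {src:>13} -> {dst:<12} {evaluate(rules, src, dst)}")
```
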

