OpenVPN not resolving internal DNS names



  • Setup:

    Tunnel Network 10.0.0.0/24
    LAN Network 192.168.1.0/24

    I can connect to devices on the LAN fine, but I cannot connect to them using their DNS names. I don't see any traffic being blocked by the firewall, and I'm not using ACLs on my DNS Resolver. What am I missing?



  • If I set my tunnel network to my LAN IP space, it works fine. I feel like I'm missing a route somewhere, but the pfSense box won't let me route to the tunnel network.


  • LAYER 8 Global Moderator

    If you want VPN clients to use unbound, you have to add an ACL to allow your tunnel network to query it. Out of the box, only your LAN network would be allowed to query via the automatic ACL created.
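
    The following is an added example, not something posted in the thread: the access-control part of an unbound configuration written with this thread's addresses (LAN 192.168.1.0/24, tunnel 10.0.0.0/24). pfSense generates its unbound configuration from the DNS Resolver settings, and an entry added under Services > DNS Resolver > Access Lists ends up as lines like the ones below. It also shows why the symptom looked like a routing problem: unbound answers an unlisted client with RCODE REFUSED itself, so the packet filter never logs a block, and putting the tunnel inside the LAN space "worked" only because the LAN netblock of the automatic ACL then covered the clients.

```conf
# Added example, not from the original post. Addresses follow the thread:
# LAN 192.168.1.0/24, OpenVPN tunnel 10.0.0.0/24.

server:
    # Before: the automatically generated access list only covers loopback
    # and the interface network unbound listens on (the LAN). A query from
    # 10.0.0.x is answered with RCODE REFUSED inside unbound, so no firewall
    # log entry appears. Unbound's built-in default for unlisted addresses
    # is also refuse.
    #access-control: 127.0.0.0/8 allow
    #access-control: 192.168.1.0/24 allow
    #access-control: 0.0.0.0/0 refuse

    # After: the tunnel network is allowed to query as well. "allow" permits
    # recursive queries from that netblock. Matching is by most specific
    # netblock, so the 0.0.0.0/0 refuse still applies to everything else
    # and the resolver is not turned into an open resolver.
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow
    access-control: 10.0.0.0/24 allow
    access-control: 0.0.0.0/0 refuse
```

    To confirm which side is dropping the query, run a lookup from a connected VPN client against the firewall's LAN address (192.168.1.1 is assumed here): `dig @192.168.1.1 somehost.example`. Before the ACL change the header shows `status: REFUSED`; after it, `status: NOERROR` (or `NXDOMAIN` for an unknown name). A plain timeout instead of REFUSED would point back at the firewall rules or the route, not at the resolver ACL.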



  • That did it, did not know that.

    Thank you Sir.



  • I also changed my OpenVPN firewall rule to source: 10.0.0.0 (tunnel), dest: 192.168.1.0 (inside). I should do this, right, to limit what can talk to what over the tunnel?


  • LAYER 8 Global Moderator

    Well, the only thing that can talk over the tunnel is your VPN clients. But sure, you can limit what your VPN clients can access if you want/desire to do so.

    The automatic ACLs should probably be updated to auto-allow tunnel networks, to be honest. But anyone that understands how the ACLs work would know that they need to adjust them, etc.

    Glad you got it sorted.
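
    As an added illustration of the "limit what your VPN clients can access" point (not part of the thread, and not pfSense's own generated rules): pfSense builds its OpenVPN tab rules into pf, and the pf.conf below expresses the two policies discussed above in pf's own syntax. The interface group name `openvpn` is what pfSense uses for the OpenVPN tab; the firewall's LAN address 192.168.1.1 and the allowed services (DNS to the firewall, SSH and HTTPS into the LAN) are assumptions chosen for the example.

```conf
# Added example, not pfSense-generated configuration. pf.conf syntax,
# first-match semantics via "quick". Addresses follow the thread:
# tunnel 10.0.0.0/24, LAN 192.168.1.0/24, firewall LAN address 192.168.1.1
# (assumed).

# Weak: the usual "allow all" OpenVPN tab rule. Any VPN client may reach
# anything reachable from the firewall, including other networks and the
# Internet, not just the LAN.
#pass in quick on openvpn inet from any to any keep state

# Restrictive: only the tunnel network is a valid source, clients may
# resolve names via the firewall's resolver, and they may reach only the
# services on the LAN they actually need. Everything else is blocked and
# logged.
pass in quick on openvpn inet proto { tcp udp } from 10.0.0.0/24 \
    to 192.168.1.1 port 53 keep state
pass in quick on openvpn inet proto tcp from 10.0.0.0/24 \
    to 192.168.1.0/24 port { 22 443 } keep state
block in log quick on openvpn all
```

    Two things to keep in mind when translating this into GUI rules: the DNS rule is needed alongside the unbound ACL, since the ACL decides whether unbound answers and the firewall rule decides whether the query reaches unbound at all; and restricting the source to the tunnel network (rather than `any`) costs nothing here but means a misconfigured client pushing a different address cannot use the rule.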

