
    OpenVPN not using DNS set in options

    • x2rl
      x2rl last edited by x2rl

      Howdy

      I can't seem to get OpenVPN to use the DNS server I've set for it.

      I have OpenVPN DNS set to 10.0.0.1 (which is pfSense) and the DNS on pfSense is set to 10.0.0.222 (which is Pi-hole), but the phones still show ads.

      When I set OpenVPN DNS to 10.0.0.222 the ads don't show, but the logs show it's used the virtual IP 10.0.2.3, not the real IP 10.0.0.117.

      Which was correct? Or do I have it set up completely wrong?

      Thanks

      • Rico
        Rico LAYER 8 Rebel Alliance last edited by

        DNS Resolver in Forwarding Mode or what are you using?
        Is it working for your LAN Clients?
        Check the OpenVPN client Log to see what exactly is pushed.

        -Rico

        • x2rl
          x2rl @Rico last edited by

          @Rico DNS Resolver. LAN is fine; only the 3 which use OpenVPN seem to be bypassing Pi-hole. There is nothing in the log that I can see about the DNS I've set.

          • Rico
            Rico LAYER 8 Rebel Alliance last edited by

            You should see something like this in your client log
            Mon May 11 19:18:59 2020 PUSH: Received control message: 'PUSH_REPLY,...,dhcp-option DNS 172.29.33.101,dhcp-option DNS 172.29.33.102,...'
            I push via Client CSO, the Server option DNS Server enable should do the same though.

            -Rico
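
Added example (not part of the original posts): a small Python check for the client-log step described above, which pulls the DNS servers out of the last PUSH_REPLY and compares them with the resolvers the clients are expected to use. The function names and the sample log text are constructed for illustration; the samples follow the lines quoted in this thread.

```python
import re

# Line an OpenVPN client logs when the server pushes options to it.
PUSH_RE = re.compile(r"PUSH: Received control message: '(PUSH_REPLY[^']*)'")
DNS_RE = re.compile(r"dhcp-option\s+DNS\s+(\S+)")

# Constructed samples. CLIENT_LOG follows the line quoted in the thread
# (elisions kept); SERVER_LOG follows the server-side lines posted in reply.
CLIENT_LOG = (
    "Mon May 11 19:18:59 2020 PUSH: Received control message: "
    "'PUSH_REPLY,...,dhcp-option DNS 172.29.33.101,"
    "dhcp-option DNS 172.29.33.102,...'\n"
)
SERVER_LOG = (
    "May 11 17:33:08 openvpn 76206 10.0.0.107:44694 peer info: IV_PLAT=android\n"
    "May 11 17:33:09 openvpn 76206 mjj34/10.0.0.107:44694 MULTI_sva: "
    "pool returned IPv4=10.0.2.2, IPv6=(Not enabled)\n"
)
NO_DNS_LOG = (
    "Mon May 11 19:18:59 2020 PUSH: Received control message: "
    "'PUSH_REPLY,route-gateway 10.0.2.1,topology subnet,ping 10'\n"
)

def pushed_dns(log_text):
    """DNS servers in the last PUSH_REPLY, or None if the log has no PUSH_REPLY."""
    replies = PUSH_RE.findall(log_text)
    if not replies:
        return None
    servers = []
    for option in replies[-1].split(","):
        m = DNS_RE.fullmatch(option.strip())
        if m:
            servers.append(m.group(1))
    return servers

def check(log_text, expected):
    """Compare pushed DNS servers with the resolver(s) the clients should use."""
    servers = pushed_dns(log_text)
    if servers is None:
        return "no PUSH_REPLY found (server-side log, or verbosity too low?)"
    if not servers:
        return "PUSH_REPLY seen, but no DNS server was pushed"
    extra = [s for s in servers if s not in expected]
    if extra:
        return "unexpected DNS pushed: " + ", ".join(extra)
    return "ok: " + ", ".join(servers)

if __name__ == "__main__":
    for name, log in [("client", CLIENT_LOG), ("server", SERVER_LOG), ("no-dns", NO_DNS_LOG)]:
        print(name, "->", check(log, {"172.29.33.101", "172.29.33.102"}))
```

A `None` result from `pushed_dns` is the case seen later in this thread, where the pasted lines came from the server log and so contain no PUSH_REPLY at all.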

            • x2rl
              x2rl @Rico last edited by x2rl

              @Rico said in OpenVPN not using DNS set in options:

              You should see something like this in your client log
              Mon May 11 19:18:59 2020 PUSH: Received control message: 'PUSH_REPLY,...,dhcp-option DNS 172.29.33.101,dhcp-option DNS 172.29.33.102,...'
              I push via Client CSO, the Server option DNS Server enable should do the same though.

              -Rico

              I don't; all I see is this when I rejoin with OpenVPN:

              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 peer info: IV_GUI_VER=OC30Android
              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 peer info: IV_VER=3.git::f225fcd0:Release
              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 peer info: IV_PLAT=android
              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 peer info: IV_NCP=2
              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 peer info: IV_TCPNL=1
              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 peer info: IV_PROTO=2
              May 11 17:33:08	openvpn	76206	10.0.0.107:44694 [mjj34] Peer Connection Initiated with [AF_INET]10.0.0.107:44694
              May 11 17:33:08	openvpn		user 'mjj34' authenticated
              May 11 17:33:09	openvpn	76206	mjj34/10.0.0.107:44694 MULTI_sva: pool returned IPv4=10.0.2.2, IPv6=(Not enabled)
              

              I push via Client CSO, the Server option DNS Server enable should do the same though.
              I have no idea what this means sorry.

              • Rico
                Rico LAYER 8 Rebel Alliance @x2rl last edited by

                @Mike34 said in OpenVPN not using DNS set in options:

                I have no idea what this means sorry.

                pfSense_OpenVPN_DNS-push.png

                -Rico

                • x2rl
                  x2rl @Rico last edited by

                  @Rico Oh yes that is set correct

                  Screenshot_1.png

                  • Rico
                    Rico LAYER 8 Rebel Alliance last edited by

                    My screenshot is showing the OpenVPN server options...

                    -Rico

                    • x2rl
                      x2rl @Rico last edited by

                      @Rico Sorry yes

                      Screenshot_2.png

                      • Rico
                        Rico LAYER 8 Rebel Alliance last edited by

                        Again, check the CLIENT side log to check what is pushed or not pushed.

                        -Rico

                        • x2rl
                          x2rl @Rico last edited by

                          @Rico Yes it is getting pushed

                          Screenshot_20200511-185123_OpenVPN Connect.jpg

                          • Rico
                            Rico LAYER 8 Rebel Alliance last edited by

                            DNS traffic to pfSense is allowed with Firewall Rules?
                            Can you post your Rules via screenshots?

                            -Rico

                            • x2rl
                              x2rl @Rico last edited by

                              @Rico Thanks here are the rules

                              Screenshot_4.png Screenshot_3.png

                              • x2rl
                                x2rl last edited by

                                Fixed the issue. If I don't set a DNS in the OpenVPN setting, it works fine and still used 10.0.0.1 as a DNS. Thanks for the help!

                                • x2rl
                                  x2rl last edited by

                                  Nope, not fixed: when it's not on wifi, as in local, it does not use the DNS.
