Routing Issue with some clients
I have PFSENSE installed with no plugins just a basic set up. I am using the OpenVPN client to connect to a provider similar to PIA. The DHCP leases are handed by PFSENSE. The VPN connects and I am able to browse the internet. I only have a couple of clients going through the VPN tunnel, the rest go through the WAN.
I setup Pihole with Unbound in the same box, Pihole passes the queries to Unbound and that's my recursive DNS server. I have turned off the DNS resolver for pfsense. At the beginning I also had the DNS forwarder turned off but then pfsense was not able to connect to the NTP server to sync time or check for updates so I enabled the forwarder again and under system - general settings, I specified the pihole as the DNS server and pfsense has connectivity now.
The problem is for my client that are going through the VPN tunnel, there is a DNS leak, it shows my ISP's IP. I have aliases set up for my clients and when I add the PIHOLE/Unbound server to go through the VPN gateway the my connectivity is super slow or it just dies. If I leave the gateway to be my regular WAN, then no issues, internet is fast.
My VPN clients do show the VPN providers IP address but again the problem is the DNS leak.
In PIHOLE I set the DNS forwarder to 127.0.0.1#5335 and in Unbound the nameserver is 127.0.0.53 under /etc/resolv.conf. Unbound seems to be resolving and going out through the WAN gateway. Is there something I can set in unbound if I want to use another DNS server besides my ISPs?
Thanks very much for any advise you can provide.