[SOLVED] Local DNS over OpenVPN
-
I am trying to get local DNS resolution working over OpenVPN, but no luck. My pfSense IP is 192.168.40.1
OpenVPN Config
-
@manjotsc
Is DNS access to 192.168.40.1 allowed on the OpenVPN interface? Did you include the domain in the hostname when you try to access it?
-
A common mistake when trying to do this is the unbound ACLs.
By default, unbound ACLs allow any locally attached network to query it. But this does not include your VPN tunnel network. So if you want VPN clients to be able to query your unbound running on pfSense, you would have to create/adjust your unbound ACLs to allow the VPN tunnel network.
-
-
Well, do a query directly from the client. Do you time out, do you get back a refused?
Sniff on the pfSense VPN interface. Do you see the query come down the VPN?
I always turn off the automatic ACLs - not sure, when that is active, if manual ACLs are used.
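The ACL behaviour described in the two replies above, as an added example that is not part of the original thread: a small evaluator for unbound `access-control` lines that reports what a client at a given address would observe. The LAN netblock 192.168.40.0/24 and the tunnel network 10.0.8.0/24 are assumptions; substitute your own.

```python
import ipaddress

# Constructed unbound.conf fragments. 192.168.40.0/24 is assumed to be the LAN
# behind 192.168.40.1; 10.0.8.0/24 is a hypothetical OpenVPN tunnel network.
AUTO_ACLS = """
access-control: 127.0.0.0/8 allow
access-control: 192.168.40.0/24 allow   # locally attached network
"""
FIXED_ACLS = AUTO_ACLS + "access-control: 10.0.8.0/24 allow\n"

# What the client observes for each unbound action:
# "refuse" sends a REFUSED reply, "deny" silently drops the query.
CLIENT_SEES = {"allow": "answer", "allow_snoop": "answer",
               "refuse": "REFUSED", "deny": "timeout"}

def parse_acls(conf):
    """Return [(network, action)] from 'access-control: <netblock> <action>' lines."""
    acls = []
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line.startswith("access-control:"):
            continue
        netblock, action = line.split(":", 1)[1].split()
        acls.append((ipaddress.ip_network(netblock), action))
    return acls

def client_sees(conf, client_ip):
    """Apply unbound's rule: the most specific matching netblock wins."""
    ip = ipaddress.ip_address(client_ip)
    matches = [(net, action) for net, action in parse_acls(conf)
               if net.version == ip.version and ip in net]
    if not matches:
        # No entry covers the source address: unbound refuses non-localhost clients.
        return CLIENT_SEES["refuse"]
    _, action = max(matches, key=lambda m: m[0].prefixlen)
    return CLIENT_SEES[action]

if __name__ == "__main__":
    for name, conf in (("automatic ACLs only", AUTO_ACLS),
                       ("tunnel network added", FIXED_ACLS)):
        print(f"{name}: VPN client 10.0.8.2 gets {client_sees(conf, '10.0.8.2')}")
```

A REFUSED reply points at the unbound ACLs, while a timeout can also mean the query was dropped before it reached unbound, for example by the firewall rules on the OpenVPN interface.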
-
@johnpoz OpenVPN logs are flooded with these
Feb 11 14:08:23 openvpn 16284 admin/204.48.94.175:33001 UDPv4 READ [124] from [AF_INET]204.48.94.175:33001: P_DATA_V2 kid=0 DATA len=123
Feb 11 14:08:22 openvpn 16284 admin/204.48.94.175:33001 Authenticate/Decrypt packet error: cipher final failed
-
@johnpoz Update: The issue is fixed now by re-exporting the client profile, and DNS also seems to be working.