push additional DNS search domains
-
I run 2 pfsense-appliances in a HA-cluster, pfsense-21.05p2.
The cluster runs an OpenVPN-server and I have to provide multiple DNS-search-domains to the clients. The tunnels should not force all traffic into them, so it has to be a "multiple DNS setup": only DNS-queries for their domains should be forwarded to their internal DNS-servers (one of them will be the unbound resolver on that pfsense-cluster as well).
In the webgui I set:
DNS default domain: "my.tld"
and
push "dhcp-option DOMAIN-SEARCH mytest.tld";
On my client (Fedora 35 workstation) the tunnel is established OK, but queries to "mytest.tld" fail.
When I check "resolvectl", it only lists "my.tld" for that openvpn-interface.
I know that I can add additional search domains within NetworkManager on Fedora, and that works. But that's not a good solution; the config should come from the server (or the tunnel.ovpn I give to the users). And it should work for MS Windows machines also.
Is there a way of solving this? Could I maybe add an option to the OpenVPN Client Export settings?
-
Maybe also relevant: on the client I run
OpenVPN 2.5.5 x86_64-redhat-linux-gnu
-
Any hints on this?
-
Did you ever find a resolution to this? I'm struggling with this as well.
-
@jtmem I currently don't have access to that system anymore, so I can't tell 100% right now.
I think it worked with another syntax; I'm looking it up in a backup XML right now.
Try
push "dhcp-option DOMAIN your.domain.tld";
and not the option "DOMAIN-SEARCH".
Let me know if it works for you.
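
A way to see whether the server pushed a domain option at all or the client received it and did not apply it. This is an added example, not part of any post in this thread: it reads the `PUSH_REPLY` line from the OpenVPN client log and compares the pushed `DOMAIN` / `DOMAIN-SEARCH` entries with the domains the resolver lists. The sample log line, the function names and the address values are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of an OpenVPN client log line; all values are made up.
SAMPLE_LOG="2022-01-10 10:00:00 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DOMAIN my.tld,dhcp-option DOMAIN-SEARCH mytest.tld,dhcp-option DNS 10.0.0.1,route 10.0.0.0 255.255.255.0,ifconfig 10.8.0.2 255.255.255.0'"

# Read a client log on stdin and print one "<OPTION> <domain>" line
# for every DNS domain option the server pushed.
pushed_domains() {
    grep "PUSH_REPLY" |
    sed -e "s/.*PUSH_REPLY,//" -e "s/'[[:space:]]*\$//" |
    tr ',' '\n' |
    awk '$1 == "dhcp-option" && ($2 == "DOMAIN" || $2 == "DOMAIN-SEARCH") { print $2, $3 }'
}

# Print the pushed domains that are absent from the applied list.
# $1 = output of pushed_domains
# $2 = space-separated domains the client applied, e.g. the ones
#      resolvectl lists for the tunnel interface
missing_domains() {
    printf '%s\n' "$1" | while read -r opt dom; do
        [ -n "$dom" ] || continue
        case " $2 " in
            *" $dom "*) ;;                # pushed and applied
            *) echo "$dom ($opt)" ;;      # pushed but not applied
        esac
    done
}

# Demo on the constructed sample: the resolver only shows "my.tld".
pushed=$(printf '%s\n' "$SAMPLE_LOG" | pushed_domains)
missing_domains "$pushed" "my.tld"
```

If a domain is missing from the `pushed_domains` output, the server-side push line is the place to look; if it appears there but is reported by `missing_domains`, the client-side handling of that option is.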