Netgate Discussion Forum

    How to route DNS Forwarder through VPS/VPN IP

    DHCP and DNS
    • thimplicity

      Hi everyone,

      I have different VLANs and would like to route two of them through the pfSense DNS Forwarder through a WireGuard VPN server running on a VPS. The other VLANs will run through the DNS resolver.

      I got "everything" figured out, based on this guide, except one thing. I have activated the forwarder and the VLAN goes through it and it shows the correct DNS server (quad9) when running DNSleaktest. But although I have chosen the VPS interface as the interface in the forwarder and the VPS address in the NAT redirect rules, DNSleaktest still shows my local ISP IP address.

      My intention would be to show the DNS servers that I chose for the forwarder and the VPS IP. Am I doing something wrong or is this just not possible?

      • Bob.Dig

        @thimplicity I don't get what you have done there, but an easy solution against DNS leaks on a whole interface (like a VLAN) is to only use external DNS servers like 8.8.8.8 (via DHCP) on it and not DNS on pfSense itself. The only caveat: you lose DNS overrides for those interfaces.

        • thimplicity

          I forgot to change the gateway in the respective firewall rules ...

          Problem solved!

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.