pfSense Plus 22.05 - DNS and Keysize Problems after DCO enabled
Hi,
I switched to DCO in a preconfigured VPN server, and while the server works, it sometimes just stops handling DNS requests and I also started getting keysize issues.
The clients' VPN configs are directly exported from pfSense and unmodified. Here are the issues:
DNS:
2022-11-10 15:37:20.194973 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:11: register-dns (2.5.6)
NOTE: The DNS servers do not include any free public DNS servers known to Tunnelblick. This may cause DNS queries to fail or be intercepted or falsified even if they are directed through the VPN. Specify only known public DNS servers or DNS servers located on the VPN network to avoid such problems.
Keysize:
'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
Restarting the OpenVPN server appears to fix the issue, but I can't tell for sure. It also appears to be having issues when clients connect with multiple computers at the same time with the same config (I have concurrent connections enabled).
Oh and one more question:
I recently found this feature but don't know what to do with it:
"Use the authenticated client username instead of the certificate common name (CN)." Should I leave it on or off?
Any help is greatly appreciated, I can also provide more logs if requested.