Host override and OpenVPN

zaitz · Dec 14, 2023, 1:51 PM

Hello,

I am lost in DNS confusion.
I have two OpenVPN servers. 1. site-to-site and 2. Remote access. My remote users can reach the IP's on the site to site tunnel end's. Now for convenience I wanted to add host overrides, so they can be browsed by DNS name. The host overrides work from my server lan, but not for users connected via VPN. What is needed to get them to resolve from the VPN users end?

viragomann · Dec 14, 2023, 7:32 PM

@zaitz
You have to enter your DNS server in the OpenVPN server settings to push it to the clients. E.g. the OpenVPN server IP, the first usable in the tunnel subnet.

Also you probably have to add the VPN tunnel network to the Resolver ACLs in Services > DNS Resolver > Access Lists.

However, note that not all clients apply the pushed DHCP setting from the VPN server.

zaitz · Dec 20, 2023, 2:41 PM

@viragomann Thanks, this seems to have done it! Couldn't figure out that the first IP in the OpenVPN servers subnet is the actually the Pfsenses Resolver.