OpenVPN DNS question

rlcronin

Regular Contributor
Got my n66u set up with OpenVPN and everything worked great until I noticed that my OpenVPN-for-Android client could not resolve Internet hostnames. I solved that by forcing the client to override the DNS settings received from the server, but I am curious why that is necessary. The server was doling out two DNS server addresses to the client, 192.168.1.1 and 208.67.222.222 (the latter being the OpenDNS server I configured in the LAN->DHCPServer->DNSandWINSServerSetting->DNSServer field in the router config). Ideas?
--
bc
 
Make sure you enable "Advertise DNS to clients" on the router. If it still doesn't work then it must be a limitation of the Android client, because that option works fine for me with the Win32 OpenVPN client.
 
Indeed, "Advertise DNS to clients" is set to yes. I checked on the phone to see what DNS servers it had after starting the VPN session and it had what I expected, 192.168.1.1 and 208.67.222.222 (in that order). I was wondering, though, how that works exactly, as the IP address the phone gets is 10.8.x.x. How does it get from there to 192.168.1.1? Is there a route generated somewhere that takes care of that? I was thinking maybe it wasn't working because it was trying to get to 192.168.1.1 and could not (though why it wouldn't then fail over to 208.67.222.222 I don't know).
--
bc
 
Here's the config file the client generates, for what it's worth. See anything wrong in this?

suppress-timestamps
client
verb 1
connect-retry-max 5
resolv-retry 5
dev tun
remote xxxxxxxx.asuscomm.com 1194 tcp-client
comp-lzo
route 0.0.0.0 0.0.0.0
tls-remote n66u
remote-cert-tls server
cipher AES-128-CBC

That route 0.0.0.0 0.0.0.0 looks vaguely suspicious ...
--
bc
 

Under Windows, a static route gets pushed to the client, ensuring that it can access the router by its 192.168.xx.xx IP. No idea about the Android client.
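
The route question raised in this thread can be checked mechanically. The following is an added example, not part of any post above and not code from OpenVPN or the router firmware: it reads OpenVPN `route`, `redirect-gateway` and `dhcp-option DNS` lines and reports which tunnel route, if any, covers each advertised DNS server. The sample pushed options and the 10.8.0.0/24 tunnel subnet are constructed assumptions.

```python
import ipaddress

# Constructed sample of options a server could push; not taken from the thread.
PUSHED_WITH_LAN_ROUTE = [
    "route 192.168.1.0 255.255.255.0",
    "dhcp-option DNS 192.168.1.1",
    "dhcp-option DNS 208.67.222.222",
]

def _network(addr, mask="255.255.255.255"):
    # OpenVPN's route netmask defaults to 255.255.255.255 (a host route).
    prefix = bin(int(ipaddress.IPv4Address(mask))).count("1")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def parse_options(lines):
    """Collect tunnel routes and DNS servers from OpenVPN option lines."""
    routes, dns = [], []
    for line in lines:
        tok = line.split("#", 1)[0].split()
        if not tok:
            continue
        try:
            if tok[0] == "route" and len(tok) >= 2:
                routes.append(_network(*tok[1:3]))
            elif tok[0] == "redirect-gateway":
                # Simplification: treat as a default route through the tunnel.
                routes.append(_network("0.0.0.0", "0.0.0.0"))
            elif tok[:2] == ["dhcp-option", "DNS"] and len(tok) >= 3:
                dns.append(ipaddress.ip_address(tok[2]))
        except ValueError:
            continue  # keywords such as vpn_gateway are not literal addresses
    return routes, dns

def dns_paths(lines, tunnel_net="10.8.0.0/24"):
    """Map each advertised DNS server to the most specific tunnel route
    covering it, or None if only the client's own default route applies."""
    routes, dns = parse_options(lines)
    routes.append(ipaddress.ip_network(tunnel_net))  # assumed tunnel subnet
    paths = {}
    for server in dns:
        hits = [r for r in routes if server in r]
        paths[str(server)] = str(max(hits, key=lambda r: r.prefixlen)) if hits else None
    return paths

if __name__ == "__main__":
    for server, route in dns_paths(PUSHED_WITH_LAN_ROUTE).items():
        print(server, "->", route or "no tunnel route")
```

A result of None for 192.168.1.1 means the client has no tunnel route to the router's LAN address, so queries to it only succeed if the client's local network happens to use the same subnet.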
 
