OpenVPN and DNS with PIA

[trevoracus]

So, I have given this the college try and it is entirely possible that I am just getting old.

I have been playing with setting up my Asus-RTn66U router with Merlin, and so far it has been fantastic except for one slight issue.

The issue I have is Private Internet Access uses DNS names instead of IP address, and when I try to start an OpenVPN connection with WAN the dns seems to not be working correctly.

It has a problem finding the DNS entry for say "us-east.privateinternetaccess.com" the actual error is:

openvpn[482]: RESOLVE: Cannot resolve host address: us-east.privateinternetaccess.com: Name or service not known

If I leave the OpenVPN to NOT start with WAN and manually start it, everythign works fine.

Anyone else ventured into this area before?

I have tried adding some sleep commands to the openvpn-event, looking at a way to manually restart the openvpn but I am afraid I cannot discover it.

cheers!

 

[janosek]

Can you take some screenshots of your settings?

 

[trevoracus]

Sure, here is the conf file (I will do screen shot as well)

admin@RT-N66U:/tmp/etc/openvpn/client1# cat config.ovpn
# Automatically generated configuration
daemon
client
dev tun11
proto udp
remote 66.55.144.245 1194
resolv-retry 30
nobind
persist-key
persist-tun
comp-lzo adaptive
verb 3
reneg-sec 0
script-security 2
up updown.sh
down updown.sh
ca ca.crt
auth-user-pass up
status-version 2
status status

# Custom Configuration
persist-key
persist-tun
tls-client
comp-lzo
verb 1

As I said before the only change I have to do to have this issue appear again is to change the 66.55.144.245 to the DNS name.

 

[janosek]

# Automatically generated configuration
daemon
client
dev tun11
proto udp
remote us-east.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo adaptive
verb 1
script-security 2
up updown.sh
down updown.sh
ca ca.crt
auth-user-pass up
status-version 2
status status

# Custom Configuration
tls-client
remote-cert-tls server
reneg-sec 0

 

[janosek]

If the above doesn't do anything, then go to ypur WAN settings, set "Connect to DNS Server automatically" to no and use google's 8.8.8.8 and 8.8.8.4

 

[trevoracus]

Thanks for the screenshot and the conf, unfortunately the situation is still present, very strange.

If I leave it to auto-start with the WAN it makes the internet unusable until I either switch the DNS, or turn it off and back on again (the openVPN).

This has happened with both the 8.8.8. and the "Connect to DNS Server automatically" option.

But again, completely use the IP and no problems.

Is there a way to manually call the openvpn connection once the router is up for a minute?

 

[trevoracus]

For now I have cheated a little bit and just done the following:

added script to wan-start

#!/bin/sh
/jffs/scripts/makevpnwork &

Created Script called makevpnwork in the /jffs/scripts directory:

#!/bin/sh
sleep 30
service  start_vpnclient1

The & at the end of the wan-start will through the other script into the background and let the router continue on.

Very interesting as to why this isn't working, but, hey its working now (albeit as a full hack of a fix).