What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

OpenVPN

S

Starym

Occasional Visitor
I had to add "block-outside-dns" to the default exported OpenVPN configuration, it would be nice if it was included by default or maybe add an option to enable it.
I also added "auth-nocache" since it was suggested in red colors in my client.

Are there any downsides to having those features enabled? Privacy wise it can prevent DNS leaks (block-outside-dns).
 
Starym said:
I had to add "block-outside-dns" to the default exported OpenVPN configuration, it would be nice if it was included by default or maybe add an option to enable it.
Click to expand...

That setting only works on Windows, that's why it's not exported by default, as it would be incompatible with non-Windows clients.

Starym said:
I also added "auth-nocache" since it was suggested in red colors in my client.
Click to expand...

This is a matter of personal preferences, and in some case it might once again not be compatible, hence why it's not there by default.

The exported configuration aims to be as widely compatible as possible, not to be as tightly secured as some people might want. For instance, "DNS leaks" are not a concern when the goal is to connect to your home router. In fact, in many cases people will prefer NOT to use the DNS from their home router.

Adding settings for these seldom-used options are also out of question, as some router models are already running out of available nvram for settings. Any new nvram setting, even when unset, will take up valuable nvram space. I spent a lot of time last year actually reviewing each VPN setting to determine how I can finetune things to reduce the number of available settings. Asuswrt-Merlin already offers like 5x more settings than any other OpenVPN-compatible solution I have seen.
 
Understood. Thanks for your quick response!

Btw, I'm using the block-outside-dns setting in the config in OpenVPN on my iPhone and it seems to be working.
 
Starym said:
Btw, I'm using the block-outside-dns setting in the config in OpenVPN on my iPhone and it seems to be working.
Click to expand...

It's most likely not doing anything at all - it's a Win32-specific feature.
 
You must log in or register to reply here.

Similar threads

S
No internet for router clients (OpenVPN + stunnel)
Replies
6
Views
416
santer_av
S
T
[Help] Problems setting up OpenVPN
Replies
7
Views
648
Thookie
T
J
Solved OpenVPN clients can't resolve custom domains defined in dnsmasq config
Replies
2
Views
1K
jkbach
J
RMerlin
  • Locked
Release Asuswrt-Merlin 3004.388.8_2 is now available
22 23 24
Replies
469
Views
64K
aitor_mtb
A
E
OpenVPN TAP internet access problem
Replies
0
Views
518
elorimer
E
Similar threads
Thread starter Title Forum Replies Date
R AC68U - can't set up OpenVPN Asuswrt-Merlin 3
J RT-AC88U drops the OpenVPN inbound ACCEPT iptables rule after a time Asuswrt-Merlin 14
S No internet for router clients (OpenVPN + stunnel) Asuswrt-Merlin 6
Harry Azcrac ASUS Merlin on RT-AC86U OpenVPN Server not blocking IP when a client connects Asuswrt-Merlin 2
outlaw78 OpenVPN Setting Merlin AXE-16000 Asuswrt-Merlin 1
F OpenVPN Server - Client speeds seem capped at 20mbps?? Asuswrt-Merlin 2
Viktor Jaep OpenVPN Client Connection through existing OpenVPN Router Connection causes DISCONNECT Asuswrt-Merlin 29
M 2 separate clients on OpenVPN server Asuswrt-Merlin 4
D Solved Openvpn client dns Asuswrt-Merlin 2
D WireGuard removing OpenVPN on ASUS Routers ? Asuswrt-Merlin 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 656 (members: 22, guests: 634)
Back
Top