Menu
What's new
By:
Filters Better Search

VPN / DNS oddity.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

S

Skruf

Occasional Visitor
Hey,
I've stumbled on something I do not understand and thought I'd post it so someone could let me know what I'm missing...

I run a VM that has Pi-hole/Unbound and NSD running for DNS service... Running on the local network.

On the router both WAN and LAN (DHCP) DNS servers are set to the above internal DNS server (192.168.1.x). The VPN is set to Policy Rules (Strict) and Exclusive on the Accept DNS configuration.

If I use DHCP to issue an IP address to any client going through the VPN or if I have a static IP address (with local DNS servers) then I get a DNS leak showing on the VPN.

If I set the static IP address and use external DNS servers (9.9.9.9, etc) there is no DNS leak.

If someone can help me understand that I'd appreciate it. Thanks.
 
Hey,

Yes, and no... The DNS servers are no longer going through a VPN. After putting them through the WAN is where I noticed the difference.
 
Hey,

FWIW, this is how I solved my issue...

I enabled the JFFS partition and formatted it on the follow up boot. Then I created a dnsmasq.conf.add file (in /jffs/configs/) and entered the following in it:

Code: 
dhcp-option=tag:vpndns,option:dns-server,10.10.10.1,10.10.10.2
dhcp-mac=set:vpndns,xx:xx:xx:xx:xx:xx

After that a reboot...

The DNS servers are bogus as the VPN is forcing the clients to use their servers. The "vpndns" is obviously the tag I used and the dhcp-mac line defines the clients (their MAC) using the defined DNS servers.

Mainly I just wanted to be able to use DHCP on the router to keep things simple and uniform with the rest of the network. So far it seems to do what I want it to... until I break it again...

Best.
 
I'd like to borrow this topic for a few moments...


I have NordVPN on my AC86U configured with both NordVPN custom DNSs.


Question:
Can I (should I?) use DoT DNS privacy protocol or it doesn't make sense anymore because of both NordVPN custom DNSs?

Thanks!
 
sl4fko said:
I'd like to borrow this topic for a few moments...


I have NordVPN on my AC86U configured with both NordVPN custom DNSs.


Question:
Can I (should I?) use DoT DNS privacy protocol or it doesn't make sense anymore because of both NordVPN custom DNSs?

Thanks!
Click to expand...

Both will be secured. If you decide to use DNSSEC and DoT set OpenVPN client DNS to Disabled. If you want to use NordVPN DNS set OpenVPN DNS to Exclusive. DoT would be faster and can be as secured as NordVPN DNS
 
You must log in or register to reply here.

Similar threads

T
Wireguard Client VPN not using DNS
Replies
14
Views
818
Tom Jo-Jo Junior Shabadoo
Tom Jo-Jo Junior Shabadoo
CaptnDanLKW
VPN Stays connected but Stops Routing after DoH Change
Replies
2
Views
391
eibgrad
eibgrad
S
Moving DHCP to Pi-Hole
Replies
2
Views
1K
Scott Kaforey
S
Preskitt.man
DNS Assignment - very strange things
Replies
6
Views
486
sfx2000
sfx2000
S
Solved New ISP - WAN Setup - Will not work with custom WAN DNS - dnsmasq.conf
Replies
1
Views
171
stilltravelling
S
Similar threads
Thread starter Title Forum Replies Date
T Wireguard Client VPN not using DNS Asuswrt-Merlin 14
Groot WireGuard VPN leaking DNS with DNS Director / RT-AX88U Asuswrt-Merlin 5
A PROBLEM, DNS Director AdGuard + VPN Wireguard Asuswrt-Merlin 9
D Solved Local DNS and VPN Clients Asuswrt-Merlin 1
P Accessing remotly Server While Using VPN on Asus Router with Merlin Firmware Asuswrt-Merlin 9
G Using VPN Director to route only torrent traffic through VPN Asuswrt-Merlin 9
B Unable to establish VPN connection to my PiVPN (ovpn) from my Asus RT-AC86U running Asuswrt-Merlin 386.14 Asuswrt-Merlin 1
S Wireguard VPN doesn't work, buyer beware Asuswrt-Merlin 6
G VPN director configuration for qBittorrent Asuswrt-Merlin 7
J ASUS GT-AXE16000 CPU usage with VPN on lan machine Asuswrt-Merlin 25

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 656 (members: 26, guests: 630)
Top