DNS resolution fails after upgrading to 2.4.0

Scripts with setup, destroy, and modify routing tables and firewall rulesets for client connections.
dougs
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 06, 2013 10:28 pm

DNS resolution fails after upgrading to 2.4.0

Postby dougs » Fri Jan 06, 2017 5:45 pm

Hello-

I upgraded my Windows x64 Openvpn Community Edition software to version 2.4.0 from 2.3.14 and right away I can see that I cannot resolve hostnames within the LAN via VPN. Rolling back to 2.3.14 allows me to successfully resolve hostnames.

Here is the client script:

dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote xxx.xxx.xxx.xxx 1194 udp
lport 0
verify-x509-name "FirewallServerCert" name
pkcs12 firewall-udp-1194.p12
tls-auth firewall-udp-1194-tls.key 1
ns-cert-type server
comp-lzo adaptive
passtos
block-outside-dns

I'm running the default openvpn 2.3 on our pfsense 2.3.2 firewall.

I cannot locate the appropriate changes that need to be made in order for DNS resolution to function under 2.4.0. Can someone point me in the right direction?

~Doug

dougs
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 06, 2013 10:28 pm

Re: DNS resolution fails after upgrading to 2.4.0

Postby dougs » Fri Jan 06, 2017 5:51 pm

Addendum:

On the server side, these are the extra commends I've included to enable routing within the LANs:

push "route 192.168.xxx.xxx 255.255.255.0";
push "route 192.168.xxx.xxx 255.255.255.0";
route-method exe;

Do these need to be modified for the 2.4 clients?

~Doug

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2428
Joined: Fri Jun 03, 2016 1:17 pm

Re: DNS resolution fails after upgrading to 2.4.0

Postby TinCanTech » Fri Jan 06, 2017 6:00 pm

Do not use

Code: Select all

lport 0
in your client config, instead use

Code: Select all

nobind


As for DNS resolution, that should not be effected by the upgrade.

Perhaps using --block-outside-dns is causing some issue ? hard to say without logs.

Please see:
HOWTO: Request Help !

TiTex
OpenVPN Expert
Posts: 206
Joined: Tue Apr 12, 2011 6:22 am

Re: DNS resolution fails after upgrading to 2.4.0

Postby TiTex » Fri Jan 06, 2017 6:26 pm

i'm using version 2.4 as a client and the server is a quite old version on the router appliance has , i think 2.2 ... and i don't have such issues.


Return to “Routing and Firewall Scripts”

Who is online

Users browsing this forum: No registered users and 2 guests