Howto Ignore DNS assignments pushed from server

Samples of working configurations.
Post Reply
TonyVier
OpenVpn Newbie
Posts: 4
Joined: Wed Dec 01, 2021 8:56 am

Howto Ignore DNS assignments pushed from server

Post by TonyVier » Wed Dec 01, 2021 9:17 am

Hi,

When I use a ovpn client file as provided by the VPN provider, I can add

Code: Select all

block-outside-dns
to block outside DNS, I can add DNS servers with

Code: Select all

dhcp-option DNS
etc.

So far, so good.

However, the VPN provider always adds it own DNS server too. I would like to block that, so ONLY the DNS servers I add are used...

I tried to add 4 dhcp options (the max as it seems), but then an error occurs.

My current solutions to deny the VPN provider to store my DNS requests are:

1) I have a local DNS server in my network, when I remove "block-outside-dns" from the ovpn file and specify that DNS in the OpenVPN TAP Local area connection, the provider assigned DNS is bypassed. (but my DNS server is exposed)

2) Use the provider ovpn config on a router, and redirect all traffic from my local network, including DNS queries.

Is there another way to remove the openvpn provider assigned DNS from the client?

Thanks,

Tony

User avatar
TinCanTech
Forum Team
Posts: 10246
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN and DNS assignments

Post by TinCanTech » Wed Dec 01, 2021 1:22 pm

In your client config use:

Code: Select all

pull-filter ignore "dhcp-option  DNS" # Ignore the pushed DNS servers
dhcp-option DNS <YOUR_DNS_SERVER_IP>  # Use your own server
block-outside-dns                     # Only works on Windblows

TonyVier
OpenVpn Newbie
Posts: 4
Joined: Wed Dec 01, 2021 8:56 am

Re: OpenVPN and DNS assignments

Post by TonyVier » Wed Dec 01, 2021 2:56 pm

VPN still pushes their own DNS:

Code: Select all

pull-filter ignore "dhcp-option  DNS" # Ignore the pushed DNS servers
dhcp-option DNS 1.1.1.1  # Use your own server
dhcp-option DNS 1.0.0.1  # Use your own server
block-outside-dns
Result:

Code: Select all

   DNS Servers . . . . . . . . . . . : 1.1.1.1
                                       1.0.0.1
                                       10.143.0.1
I am on Winblows withe the OpenVPN gui etc, latest version.

TonyVier
OpenVpn Newbie
Posts: 4
Joined: Wed Dec 01, 2021 8:56 am

Re: OpenVPN and DNS assignments

Post by TonyVier » Wed Dec 01, 2021 3:03 pm

From the connection log:

Code: Select all

2021-12-01 16:00:08 SENT CONTROL [Server-7315-0a]: 'PUSH_REQUEST' (status=1)
2021-12-01 16:00:08 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.198.0.1,comp-lzo no,route 10.198.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.198.0.6 10.198.0.5,peer-id 18,cipher AES-256-GCM'
2021-12-01 16:00:08 OPTIONS IMPORT: timers and/or timeouts modified
2021-12-01 16:00:08 OPTIONS IMPORT: compression parms modified

User avatar
Pippin
Forum Team
Posts: 1012
Joined: Wed Jul 01, 2015 8:03 am

Re: OpenVPN and DNS assignments

Post by Pippin » Wed Dec 01, 2021 3:03 pm

Watch the spaces...

User avatar
TinCanTech
Forum Team
Posts: 10246
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN and DNS assignments

Post by TinCanTech » Wed Dec 01, 2021 3:08 pm

Damn that white-space Dragon!

Replace:
TinCanTech wrote:
Wed Dec 01, 2021 1:22 pm

Code: Select all

pull-filter ignore "dhcp-option  DNS" # Ignore the pushed DNS servers
dhcp-option DNS <YOUR_DNS_SERVER_IP>  # Use your own server
block-outside-dns                     # Only works on Windblows
With:

Code: Select all

pull-filter ignore "dhcp-option DNS" # Ignore the pushed DNS servers
dhcp-option DNS <YOUR_DNS_SERVER_IP>  # Use your own server
block-outside-dns                     # Only works on Windblows
@Pippin well spotted!

TonyVier
OpenVpn Newbie
Posts: 4
Joined: Wed Dec 01, 2021 8:56 am

Re: OpenVPN and DNS assignments

Post by TonyVier » Wed Dec 01, 2021 3:23 pm

Ah, the spaces, now it works....

Post Reply