Hi all
I am new here, have configured Open VPN Access Server on linux Ubuntu 20.04 (installed via repository)
But when I check for DNS leak, it shows Google DNS
I checked my configuration by logging on to access server and it shows 'Have clients use the same DNS servers as the Access Server host
Yes'
Can somebody help me fix this DNS leak, requesting for an easy tutorial, I am very early with this technology and Linux.
Thanking you all
DNS leak
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: DNS leak
Hi There,
It is probably that you have configured this DNS under as a nameserver. You can view that to confirm under:
You can also run below command to see the complete details about the actual nameservers.
So, if you wish to remove that, then edit your resolv.conf and delete that entry then save it. Also, just for your information, if you wish to test the resolution of this DNS, then initiate an openvpn session with the client configured on your access server and check on that client the DNS being resolved.
Regards,
Crowley
It is probably that you have configured this DNS under as a nameserver. You can view that to confirm under:
Code: Select all
# less /etc/resolv.conf
Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 127.0.0.53
Code: Select all
systemd-resolve --statusRegards,
Crowley
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
drravi1110
- OpenVPN User
- Posts: 25
- Joined: Fri Aug 21, 2020 10:46 am
Re: DNS leak
Thanks Crowley
But still I can't fix it, can you please give me a easy tutorial ?
Regards
Ravi
But still I can't fix it, can you please give me a easy tutorial ?
Regards
Ravi
-
drravi1110
- OpenVPN User
- Posts: 25
- Joined: Fri Aug 21, 2020 10:46 am
Re: DNS leak
# less /etc/resolv.conf
domain ap-south-1.compute.internal
search ap-south-1.compute.internal
nameserver 172.26.0.2
# systemd-resolve --status
Global
DNS Servers: 172.26.0.2
DNS Domain: ap-south-1.compute.internal
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 4 (as0t1)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
domain ap-south-1.compute.internal
search ap-south-1.compute.internal
nameserver 172.26.0.2
# systemd-resolve --status
Global
DNS Servers: 172.26.0.2
DNS Domain: ap-south-1.compute.internal
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 4 (as0t1)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: DNS leak
Hi There,
Can you please post here on how you are confirming a DNS leak you are pertaining? Are you using a web based like dnsleaktest?
Also, have you tried to run or initiate an openvpn session then confirm which DNS you are getting?
And as per the guide we have with the option:
Regards,
Crowley
Can you please post here on how you are confirming a DNS leak you are pertaining? Are you using a web based like dnsleaktest?
Also, have you tried to run or initiate an openvpn session then confirm which DNS you are getting?
And as per the guide we have with the option:
When a client connects to the VPN, its DNS settings are altered so that the client resolves names using the DNS servers configured for the Unix host running Access Server. Are you aware of this? And to confirm, i don't see google DNS with your output for "systemd-resolve --status".Have clients use the same DNS servers as the Access Server host
Regards,
Crowley
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
drravi1110
- OpenVPN User
- Posts: 25
- Joined: Fri Aug 21, 2020 10:46 am
Re: DNS leak
Thanks Crowley
Yes I do check DNS leak through web based services (dnsleaktest)
Whenever I check, it shows Google DNS !!!
This is what my problem is ?
I get my IP address as Amazon Mumbai.
And as previously mentioned I have configured server 'Have clients use the same DNS servers as the Access Server host - Yes'
I did another server yesterday in Chennai, configured Open VPN access server, but the same issue, Google DNS !!!
Regards
Ravi
Yes I do check DNS leak through web based services (dnsleaktest)
Whenever I check, it shows Google DNS !!!
This is what my problem is ?
I get my IP address as Amazon Mumbai.
And as previously mentioned I have configured server 'Have clients use the same DNS servers as the Access Server host - Yes'
I did another server yesterday in Chennai, configured Open VPN access server, but the same issue, Google DNS !!!
Regards
Ravi
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: DNS leak
Hi Ravi,
And while you are doing this, you are connected via the OpenVPN Connect client to Access Server right?
Can you provide all the screenshots or the output of your testing here for us to visualize your issue clearly?
Regards,
Crowley
And while you are doing this, you are connected via the OpenVPN Connect client to Access Server right?
Can you provide all the screenshots or the output of your testing here for us to visualize your issue clearly?
Regards,
Crowley
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
drravi1110
- OpenVPN User
- Posts: 25
- Joined: Fri Aug 21, 2020 10:46 am
Re: DNS leak
Hi Crowley,
Thanks for your support, but how can I attach screen shots, can't find the option
Regards
Ravi
Thanks for your support, but how can I attach screen shots, can't find the option
Regards
Ravi
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: DNS leak
Hi There,
Nevermind the screenshot requested. Just to let you know, a DNS leak only occurs when a DNS request goes via your normal internet connection instead of through the VPN tunnel, and it could also be your server configuration causing this.
Can you please confirm if you are using split tunneling or you are setup with traffic being routed via the tunnel?
Also, t is much safer to configure DNS servers for VPN connection manually (Configuration -> VPN Settings -> Have clients use specific DNS servers -> fill the servers fields). Thank you!
Regards,
Crowley
Nevermind the screenshot requested. Just to let you know, a DNS leak only occurs when a DNS request goes via your normal internet connection instead of through the VPN tunnel, and it could also be your server configuration causing this.
Can you please confirm if you are using split tunneling or you are setup with traffic being routed via the tunnel?
Also, t is much safer to configure DNS servers for VPN connection manually (Configuration -> VPN Settings -> Have clients use specific DNS servers -> fill the servers fields). Thank you!
Regards,
Crowley
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
drravi1110
- OpenVPN User
- Posts: 25
- Joined: Fri Aug 21, 2020 10:46 am
Re: DNS leak
Thanks Crowley, I got it and have fixed it, now my VPN shows Amazon DNS server
Regards
Ravi.
Regards
Ravi.
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: DNS leak
Hi Ravi,
Good to hear that. If anything else is needed on your access server, you can open a ticket directly at https://openvpn.net/us2/support-center.php
Crowley
Good to hear that. If anything else is needed on your access server, you can open a ticket directly at https://openvpn.net/us2/support-center.php
Reagrdsdrravi1110 wrote: ↑Fri Mar 26, 2021 8:02 amThanks Crowley, I got it and have fixed it, now my VPN shows Amazon DNS server
Regards
Ravi.
Crowley
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support