DNS leak

Posted: Mon Mar 15, 2021 9:24 am
by drravi1110
Hi all

I am new here and have configured OpenVPN Access Server on Linux Ubuntu 20.04 (installed via repository).
But when I check for a DNS leak, it shows Google DNS.
I checked my configuration by logging on to the Access Server and it shows 'Have clients use the same DNS servers as the Access Server host: Yes'.
Can somebody help me fix this DNS leak? I am requesting an easy tutorial, as I am very early with this technology and Linux.
Thanking you all

Re: DNS leak

Posted: Mon Mar 15, 2021 10:26 pm
by openvpn_inc
Hi There,

It is probable that you have configured this DNS as a nameserver. You can view that to confirm under:

# less /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 127.0.0.53

You can also run the command below to see the complete details about the actual nameservers.

systemd-resolve --status

So, if you wish to remove that, then edit your resolv.conf, delete that entry, and save it. Also, just for your information, if you wish to test the resolution of this DNS, then initiate an OpenVPN session with the client configured on your Access Server and check on that client the DNS being resolved.

Regards,
Crowley
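
As an added example (not part of the post above and not OpenVPN's own tooling), this shell function reads a resolv.conf-style file and labels each nameserver entry as a loopback stub, private, link-local or public address, so it is easy to see which resolvers a host like the one quoted above is configured with. The function names and the embedded sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the nameserver entries of a resolv.conf-style file
# read from stdin. Prints one "<address> <class>" line per entry.
classify_nameservers() {
    # Keep only "nameserver <addr>" lines; comments, search and domain lines are skipped.
    awk '$1 == "nameserver" && NF >= 2 { print $2 }' | while read -r addr; do
        case "$addr" in
            127.*|::1)                              class="loopback-stub" ;;
            10.*|192.168.*)                         class="private" ;;
            172.1[6-9].*|172.2[0-9].*|172.3[01].*)  class="private" ;;
            169.254.*|fe80:*)                       class="link-local" ;;
            f[cd]*:*)                               class="private" ;;
            *)                                      class="public" ;;
        esac
        printf '%s %s\n' "$addr" "$class"
    done
}

# Count the entries of one class in classify_nameservers output read from stdin.
count_class() {
    awk -v c="$1" '$2 == c { n++ } END { print n + 0 }'
}

# Constructed sample input, modelled on the resolv.conf contents quoted above.
SAMPLE_RESOLV_CONF='# 127.0.0.53 is the systemd-resolved stub resolver.
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 127.0.0.53'

# Stand-alone run: list each configured resolver with its class.
printf '%s\n' "$SAMPLE_RESOLV_CONF" | classify_nameservers
```

On a live host, feed it the real file instead of the sample: `classify_nameservers < /etc/resolv.conf`.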

Re: DNS leak

Posted: Tue Mar 16, 2021 9:45 am
by drravi1110
Thanks Crowley
But still I can't fix it, can you please give me an easy tutorial?

Regards
Ravi

Re: DNS leak

Posted: Tue Mar 16, 2021 9:55 am
by drravi1110
# less /etc/resolv.conf
domain ap-south-1.compute.internal
search ap-south-1.compute.internal
nameserver 172.26.0.2

# systemd-resolve --status
Global
DNS Servers: 172.26.0.2
DNS Domain: ap-south-1.compute.internal
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test

Link 4 (as0t1)
Current Scopes: none
LLMNR setting: yes
MulticastDNS setting: no

Re: DNS leak

Posted: Tue Mar 16, 2021 9:47 pm
by openvpn_inc
Hi There,

Can you please post here how you are confirming the DNS leak you are referring to? Are you using a web-based service like dnsleaktest?
Also, have you tried to run or initiate an OpenVPN session and then confirm which DNS you are getting?
And as per the guide we have with the option:
Have clients use the same DNS servers as the Access Server host
When a client connects to the VPN, its DNS settings are altered so that the client resolves names using the DNS servers configured for the Unix host running Access Server. Are you aware of this? And to confirm, I don't see Google DNS in your output for "systemd-resolve --status".


Regards,
Crowley

Re: DNS leak

Posted: Tue Mar 16, 2021 11:36 pm
by drravi1110
Thanks Crowley
Yes, I do check for DNS leaks through web-based services (dnsleaktest).
Whenever I check, it shows Google DNS!!!
This is what my problem is.
I get my IP address as Amazon Mumbai.
And as previously mentioned, I have configured the server with 'Have clients use the same DNS servers as the Access Server host - Yes'.
I did another server yesterday in Chennai, configured OpenVPN Access Server, but the same issue, Google DNS!!!

Regards
Ravi

Re: DNS leak

Posted: Thu Mar 18, 2021 2:44 pm
by openvpn_inc
Hi Ravi,

And while you are doing this, you are connected via the OpenVPN Connect client to Access Server, right?
Can you provide all the screenshots or the output of your testing here for us to visualize your issue clearly?

Regards,
Crowley

Re: DNS leak

Posted: Fri Mar 19, 2021 8:43 am
by drravi1110
Hi Crowley,

Thanks for your support, but how can I attach screenshots? I can't find the option.

Regards
Ravi

Re: DNS leak

Posted: Wed Mar 24, 2021 6:40 pm
by openvpn_inc
Hi There,

Never mind the screenshot requested. Just to let you know, a DNS leak only occurs when a DNS request goes via your normal internet connection instead of through the VPN tunnel, and it could also be your server configuration causing this.

Can you please confirm if you are using split tunneling or you are set up with traffic being routed via the tunnel?
Also, it is much safer to configure DNS servers for the VPN connection manually (Configuration -> VPN Settings -> Have clients use specific DNS servers -> fill the servers fields). Thank you!

Regards,
Crowley

Re: DNS leak

Posted: Fri Mar 26, 2021 8:02 am
by drravi1110
Thanks Crowley, I got it and have fixed it, now my VPN shows Amazon DNS server

Regards
Ravi.

Re: DNS leak

Posted: Mon Mar 29, 2021 3:05 pm
by openvpn_inc
Hi Ravi,

Good to hear that. If anything else is needed on your access server, you can open a ticket directly at https://openvpn.net/us2/support-center.php
drravi1110 wrote:
Fri Mar 26, 2021 8:02 am
Thanks Crowley, I got it and have fixed it, now my VPN shows Amazon DNS server

Regards
Ravi.
Regards
Crowley