DNS is not restored after wakeup

Post by TancrediT » Thu Jun 21, 2018 8:19 am

Hello,

Since I upgraded to macOS High Sierra, I have been encountering an annoying problem with DNS. The problem happens regularly and is highly reproducible. The flow is like this:
  • I connect to the VPN server I configured on my server without any issue at location-A on my laptop,
  • I close the lid of the laptop without disconnecting from the VPN,
  • I go to location-B on a different network, and wake up my laptop,
  • VPN connection is gone, naturally. Both the wi-fi and wired connections are up without any issue. But I cannot access the internet.
I found out that the DNS settings are not correct. The DNS server list contains the DNS for the VPN as the second entry and another DNS number as the first entry. I am not sure where it gets the first entry. When I select them and remove them by pressing "-", one by one until the list becomes empty, the list is immediately and automatically filled with the legit DNS IPs provided by the localnet using DHCP. Then the network starts to work. Then I can connect to the VPN or choose not to use it.

I list some possibly useful information about the system. I would appreciate it if you could give me a few pointers.
Best,
Tancredi



Here are a few settings and versions:

The macOS version is 10.13.4
Tunnelblick version is 3.7.5a
Chosen OpenVPN version is 2.4.4 - OpenSSL v1.0.2o
On expected disconnect do nothing
On unexpected disconnect do nothing
Checked (related) items at advance:
Flush DNS...
Computer sleep/wake : Disconnect when computer goes to sleep
Monitor network settings: DNS Server Restore at both when changes to pre-VPN and when changes to anything else


Stripped server configuration:

port 443
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.8.0.1"
keepalive 10 120
tls-auth ta.key 0
key-direction 0
cipher AES-128-CBC   # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
sndbuf 393216
rcvbuf 393216
push "sndbuf 393216"
push "rcvbuf 393216"

Stripped client configuration:

client
dev tun
proto udp
remote <ip address of the server> 443
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-128-CBC
auth SHA256
key-direction 1
remote-cert-tls server
comp-lzo
verb 3
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<cert>
 -- the cert --
</cert>
<key>
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
-----END OpenVPN Static key V1-----
</tls-auth>
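
A check for the state described in the post, as an added example that is not part of the original post: it flags resolvers that are only reachable through the tunnel (the pushed `dhcp-option DNS` address or anything inside the `server` subnet) while the tunnel is down. The resolver list is a constructed sample in the one-address-per-line shape printed by `networksetup -getdnsservers <service>`; the service name `Wi-Fi`, the first resolver address and the `tunnel_up` flag supplied by the caller are assumptions.

```python
import ipaddress
import re

# Directives quoted from the stripped server configuration in the post.
SERVER_CONF = '''
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.8.0.1"
'''

def vpn_dns_scope(conf):
    """Return (tunnel_network, pushed_dns_set) parsed from OpenVPN server directives."""
    network, pushed = None, set()
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.fullmatch(r"server\s+(\S+)\s+(\S+)", line)
        if m:
            network = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        m = re.fullmatch(r'push\s+"dhcp-option\s+DNS\s+(\S+)"', line)
        if m:
            pushed.add(ipaddress.ip_address(m.group(1)))
    return network, pushed

def parse_resolvers(text):
    """Parse one-address-per-line output; lines that are not addresses are skipped."""
    out = []
    for line in text.splitlines():
        try:
            out.append(ipaddress.ip_address(line.strip()))
        except ValueError:
            continue
    return out

def stale_vpn_resolvers(resolver_text, conf, tunnel_up):
    """List resolvers that depend on the tunnel while the tunnel is down."""
    if tunnel_up:
        return []
    network, pushed = vpn_dns_scope(conf)
    return [str(ip) for ip in parse_resolvers(resolver_text)
            if ip in pushed or (network is not None and ip in network)]

# Constructed sample of `networksetup -getdnsservers Wi-Fi` after wake-up:
# an unrelated first entry (assumed address) followed by the VPN-pushed resolver.
AFTER_WAKE = "192.0.2.53\n10.8.0.1\n"

if __name__ == "__main__":
    print(stale_vpn_resolvers(AFTER_WAKE, SERVER_CONF, tunnel_up=False))
```

A non-empty result with the tunnel down corresponds to the state that the post clears by hand; `networksetup -setdnsservers <service> empty` is the command-line equivalent of emptying the list so DHCP-provided resolvers are used again.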
