Client connected / Win10 DNS not working

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
qhr0412
OpenVpn Newbie
Posts: 1
Joined: Wed Aug 10, 2022 9:25 am

Client connected / Win10 DNS not working

Post by qhr0412 » Wed Aug 10, 2022 10:44 am

Hello,

After the OpenVPN client connected on windows 10, the domain can't be resolved, I guess it's a DNS problem. (But it works well on windows 7)

server.conf: (ubuntu 22)
port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 94.140.14.14"
push "dhcp-option DNS 94.140.15.15"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_oheNEiztDlcqOm4y.crt
key server_oheNEiztDlcqOm4y.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3

client.ovpn: (windows 10)
client
proto udp
explicit-exit-notify
remote my.domain 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_oheNEiztDlcqOm4y name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
route 172.31.0.0 255.255.0.0
verb 3

==========================================================================
PS C:\Users\Administrator> ping bing.com
Ping request could not find host bing.com. Please check the name and try again.
==========================================================================

==========================================================================
PS C:\Users\Administrator> ping 13.107.21.200

Pinging 13.107.21.200 with 32 bytes of data:
Reply from 13.107.21.200: bytes=32 time=98ms TTL=115
Reply from 13.107.21.200: bytes=32 time=97ms TTL=115
Reply from 13.107.21.200: bytes=32 time=98ms TTL=115
Reply from 13.107.21.200: bytes=32 time=100ms TTL=11

Ping statistics for 13.107.21.200:
Packets: Sent = 4, Received = 4, Lost = 0 (0% lo
Approximate round trip times in milli-seconds:
Minimum = 97ms, Maximum = 100ms, Average = 98ms
==========================================================================


Any idea where this issue could be coming from?

Thanks,
Haoran

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Client connected / Win10 DNS not working

Post by openvpn_inc » Sat Aug 13, 2022 4:37 pm

Hi Haoran,

This forum is for issues specific to the proprietary OpenVPN Connect client. It is not for client issues in general (such as with the open source client or third party clients.) And in fact there is no such forum here, because most "client issues" are in fact server issues. Which client software are you using?

I checked out 94.140.14.14 and 94.140.15.15; they are Adguard open resolvers, both of which answered recursive DNS queries for me. (Seemingly a shared cache with both addresses.)

Interesting that Win7 works. I don't know much about Windows (does anyone outside of Redmond?) but I know in 10 and 11 there is a Name Resolution Policy Table (NRPT), and perhaps that's not being updated properly.

Please followup to the Server Administration forum if you are not using OpenVPN Connect. If you are, show some information about NRPT and the nameservers you are using, plus some actual DNS queries. As much as I hate it, nslookup.exe is your best bet on Windows to show what happens with DNS queries. (There are some PowerShell DNS cmdlets which are better in some ways, but IIRC they don't show which nameserver was queried.)

Refer to Microsoft PowerShell documentation about NRPT.

regards, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply