I have successfully installed the OpenVPN Access Server on a Linode instance with Ubuntu 20.04.
I connect to it using the downloaded .ovpn profile with my linux laptop client with no issues.
The configuration on the OpenVPN server is pretty much vanilla, except i changed the port to 443 for the tunnel, disabled UDP,
and added the users i needed to connect. (please let me know if there is a way to export the current configuration settings with a private switch for easier reading)
Now, running some checks for IP and DNS leaks on this site while connected to the server, i can see my ISP is leaking ipv6 and DNS all over the place.
I got around the ISP's DNS leak by configuring opendns in my web browser, which is not ideal.
I see a section under Configuration>VPN settings>DNS settings and i have the "Have clients use the same DNS servers as the Access Server host" switch ON, but is not helping to prevent the DNS leak.
For the IPV6 leak issue, i am reading some workarounds online, and found this:
I added the 2 lines to my /usr/local/openvpn_as/as.conf file and restarted the server, but it is not doing anything, my ipv6 still leaks.Editing our current OpenVPN config
You will simply have to add two lines to your OpenVPN server config, which is usually found at /etc/openvpn/server.conf or /etc/openvpn/server/server.conf or similar. Simply edit using nano or vim or your favorite editor:
And add the following two lines:
push "route-ipv6 2000::/3"
This will assign the network address of 2001:db8:0:123::/64 to your OpenVPN server, and then push a route so that all IPv6-internet addresses on the client side will be connected to through the VPN server.
The router i am currently using is from my ISP, and it does NOT have an option to disable ipv6. Meanwhile i am waiting for another router to replace it.
Is there a way to configure some settings in the OpenVPN AS to make the tunnel only show the IPv4 address on it and not leak the DNS/IPv6 from my ISP regardless of which device / location i use to connect to it?
Thank you guys for any tips.