So I've set up OpenVPN Access Server on a VPS (Alma Linux 8). Keep in mind I'm a total newbie at this and have no experience with the product. At this point everything is pretty well set up with the out-of-the-box defaults. I set up a client profile to test, again pretty well with the default options. At first it appears that I have a successful connection (Windows 11 client), except I can't resolve DNS. I can ping the DNS servers or any other address on the internet if I have the IP. OK, so I check this board and someone else has the same issue and the suggestion is to push a public DNS server to the client, so I do that and add 4.2.2.1 and 4.2.2.2 to be pushed. Reconnect after making that change, see that those DNS servers are set as the default on the Windows 11 device now. However, still can't resolve DNS. Try totally disabling the firewall temporarily on both the W11 device and the VPS to rule out that being the problem, no change. As you can see from the trace at the bottom of the message taken from the VPS, the DNS requests are reaching the access server. I also tried connecting with my iPhone to rule out a Windows 11 issue, same behaviour.
I've spent more hours than I'd like to admit on this and I have no idea where to go next. Sanitised version of the config file the client receives also below. Can anyone tell me what I am missing?
client
server-poll-timeout 4
nobind
remote 199.xxxx 1194 udp
remote 199.xxxx 1194 udp
remote 199.xxxx 443 tcp
remote 199.xxxx 1194 udp
remote 199.xxxx 1194 udp
remote 199.xxxx 1194 udp
remote 199.xxxx 1194 udp
remote 199.xxxx 1194 udp
dev tun
dev-type tun
remote-cert-tls server
tls-version-min 1.2
reneg-sec 604800
auth-user-pass
verb 3
push-peer-info
10:03:44.579793 In ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 30836, offset 0, flags [none], proto UDP (17), length 58)
172.27.232.19.53033 > 4.2.2.1.domain: 51927+ A? www.bing.com. (30)
10:03:52.933587 In ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 14348, offset 0, flags [none], proto UDP (17), length 58)
172.27.232.19.51378 > 4.2.2.2.domain: 14500+ Type65? www.bing.com. (30)
10:03:52.934255 In ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 35747, offset 0, flags [none], proto UDP (17), length 58)
172.27.232.19.49620 > 4.2.2.2.domain: 51927+ A? www.bing.com. (30)
10:03:56.339169 In ethertype IPv4 (0x0800), length 75: (tos 0x0, ttl 64, id 36364, offset 0, flags [none], proto UDP (17), length 59)
172.27.232.19.64144 > 4.2.2.2.domain: 40781+ Type65? ocs
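Added example, not part of the original post: a small Python helper that reads a capture in the layout shown above and reports, per DNS transaction id, whether the capture also holds an outbound copy of the query and a reply. The function name, the verdict strings and the two-line layout it parses are assumptions made for this illustration.

```python
import re

# Layout assumed from the capture in the post: a header line carrying In/Out,
# then a packet line "src.port > dst.port: <dns-id>[flags] ...".
HEADER = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d+\s+(In|Out)\b")
PACKET = re.compile(r"^\s*(\S+)\.(\w+) > (\S+)\.(\w+): (\d+)[+*%-]*\s+(.*)$")
DNS_PORTS = {"domain", "53"}

# First three packets from the post, header lines shortened.
POST_TRACE = """\
10:03:44.579793 In ethertype IPv4 (0x0800), length 74:
172.27.232.19.53033 > 4.2.2.1.domain: 51927+ A? www.bing.com. (30)
10:03:52.933587 In ethertype IPv4 (0x0800), length 74:
172.27.232.19.51378 > 4.2.2.2.domain: 14500+ Type65? www.bing.com. (30)
10:03:52.934255 In ethertype IPv4 (0x0800), length 74:
172.27.232.19.49620 > 4.2.2.2.domain: 51927+ A? www.bing.com. (30)
"""

def diagnose(trace):
    """Return {dns_id: (question, verdict)} for every DNS transaction seen."""
    flows, direction = {}, None
    for line in trace.splitlines():
        head, pkt = HEADER.match(line), PACKET.match(line)
        if head:
            direction = head.group(1)
        if not pkt or direction is None:
            continue
        _src, sport, _dst, dport, dns_id, rest = pkt.groups()
        if not {sport, dport} & DNS_PORTS:
            continue  # not DNS traffic
        flow = flows.setdefault(dns_id, {"q": "", "In": 0, "Out": 0, "reply": False})
        if dport in DNS_PORTS:        # query heading to a resolver
            flow[direction] += 1
            flow["q"] = " ".join(rest.split()[:2])
        else:                         # packet coming back from a resolver
            flow["reply"] = True
    verdicts = {}
    for dns_id, f in flows.items():
        verdict = ("answered" if f["reply"] else
                   "forwarded, no reply captured" if f["Out"] else
                   "captured In only, no Out copy")
        verdicts[dns_id] = (f["q"], verdict)
    return verdicts

if __name__ == "__main__":
    for dns_id, (question, verdict) in diagnose(POST_TRACE).items():
        print(dns_id, question, "->", verdict)
```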