DNS configuration

[Chris Murphy]

On a related point perhaps, if I may... I'm relatively new to OpenVPN. I have been in IT for over 30 years, however, so while not terribly hands-on for some time, I'm reasonably qualified to be.

I use an Araknis router which offers OpenVPN as a VPN option thereto. I've used it for years. Now in Malaysia, struggling to use a third-party app and testing for DNS leakage, I believe I may need to tighten some things since a DNS leak test site reports that my DNS server is using the local ISP's DNS server.

In trying to come up the learning curve, I came across -dhcp-option DNS [IP]. In trying to set that in the config file used by my OpenVPN client (v11.10.0.0), however, the client logs "Options error: Unrecognized option or missing or extra parameter(s) in 4002.VPN.1 (run as admin).ovpn:14: dhcp-options (2.4.6)". I had specified "dhcp-options DNS 192.168.1.1".

Am I configuring this incorrectly, do I not have the right version of the client, or am I otherwise in left field, please? As a sidebar, I'm unsure that I can control the OpenVPN version that is running on the router.

Thank you for any guidance.

[Pippin]

Hi,

At least we need to see the client configuration and log file @ verb 4:
viewtopic.php?t=22603#p68963
.

[Chris Murphy]

Hello. Thanks for the reply. Apologies for not providing more information. Here is my client configuration file, sans the certificate specifications:

dev tun
proto tcp
remote xx.xx.xx.xx xxxx
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
redirect-gateway def1
# dhcp-options DNS 192.168.1.1

I don't have access to anything on the server (i.e., Araknis router) side. The client side configuration file was created for me by the router, of course. Aside from the commented out line, which failed to work, I don't think I set up any of this. Since commenting on the noted line, the log file shows a successful connection process. When I was trying to better control DNS behavior, it showed only this:

"Options error: Unrecognized option or missing or extra parameter(s) in 4002.VPN.1 (run as admin).ovpn:14: dhcp-options (2.4.6)"

It's pretty clear my syntax is a problem, but what I don't know for sure is whether I'm even barking up the right tree.

Does that help? Thanks.

[Chris Murphy]

I did just update to verb 4, as well. It makes the successful scenario log file longer, of course, but the unsuccessful attempt (i.e., after including the errant dhcp-options command) contains the same message. Please let me know if you want to see the client / desktop side ipconfig /all results. Thank you.

[Chris Murphy]

This is now resolved. The reference that I had noted "dhcp-options". Pulling up the actual man page for my client version, it's actually "dhcp-option". That indeed seems to resolve the DNS leakage issue. Thank you for the consideration. I may still set up my own OpenVPN Access Server, for better control, on a Windows Server 2019 that I host at home.

[Chris Murphy]

I also now understand the rule about format for configuration submissions. I'll comply going forward. Thanks.

[Pippin]

Hi,

Glad you got it sorted yourself.
Best wishes.
.