OpenVPN Support Forum

I use OpenVPN with ProtonVPN. I have updated relevant *.ovpn config file with the following lines: The IP addresses are for https://api.myip.com/ to check my IP.

When I connect to the VPN, my traffic to that page correctly goes through the VPN, however, when I want to load any other page, the browser tells me there is a DNS error.

How do I fix it please?

Thanks,

M.

TinCanTech wrote: ↑

Sat Dec 04, 2021 3:23 pm

Do not use --route-nopull

When i remove route-nopull, it fixes the DNS error but for some reason all of my traffic seems to go through the VPN.

When I check https://api.myip.com/ it shows the same IP as when I google 'my ip' and google shows me, whereas it should show two different IPs.

Mortificator wrote: ↑

Sat Dec 04, 2021 3:37 pm

When i remove route-nopull, it fixes the DNS error

obviously..

Mortificator wrote: ↑

Sat Dec 04, 2021 3:37 pm

but for some reason all of my traffic seems to go through the VPN

as it should..

If you don't want to tunnel your traffic then Why are you using ProtonVPN ?

TinCanTech wrote: ↑

Sat Dec 04, 2021 3:51 pm

If you don't want to tunnel your traffic then Why are you using ProtonVPN ?

Yayx, I guess know what the confusion is - the title. My bad

I want to use split tunneling. In other words only traffic directed towards those two IPs should go through the VPN. The rest should stay unaffected.

EDIT: fixed the first post title

This should help: viewtopic.php?f=15&t=33383

It should, had I more experience with how stuff works. :-/

By default, the ProtonVPN *.ovpn config files come with: 'block-outside-dns'. Which works in normal use, so it feels like it should stay there? Or on the other hand, since I had issues with DNS, maybe I should not be blocking it?

The other two options in that thread are: I don't want to use my own server. Don't have any.

EDIT: commenting out 'block-outside-dns' seemed to have fixed the issue. Is that the correct approach or have I just entered some undesirable mode? Thanks

I put the wrong filter ..oops.

Try this: And see the manual for options that you don't understand.

Please see my edit above.

Also, this doesn't work for me:

block-outside-dns
pull-filter ignore "redirect-gateway"
route-nopull
route 172.67.208.45 255.255.255.255 vpn_gateway
route 104.21.23.5 255.255.255.255 vpn_gateway

Nor with the route-nopull commented out.

TinCanTech wrote: ↑

Sat Dec 04, 2021 3:23 pm

Do not use --route-nopull

Mortificator wrote: ↑

Sat Dec 04, 2021 7:56 pm

block-outside-dns
pull-filter ignore "redirect-gateway"
##### DIE -> route-nopull
route 172.67.208.45 255.255.255.255 vpn_gateway
route 104.21.23.5 255.255.255.255 vpn_gateway

And that will not work because you are blocking your DNS.

Right, so this should be the correct approach, right? Do I understand correctly?
Will try tomorrow morning.

Yep, that works.

Thanks, @TinCanTech