We are running an OpenVPN Access Server deployed through the GCP marketplace. The setup when smoothly and everything is working as expected server side, however whenever a user connects to the VPN client side, they have no internet.
A workaround for this issue for our users is to add 8.8.8.8/0.0.0.0 as a DNS server for the local machine, however this has to be done every time the user connects, so becomes frustrating and is not ideal for our less tech savy users.
I was looking to find out if there are any setting I can put in place server side to avoid this workaround? I have had a look in a few places it looks like I will need to set up a server.conf file which is not currently present on our server. What setting need to go into this, and will I also need users to set up a clinet.conf file to match it?
OpenVPN GCP BYOL Instance no internet when connecting
-
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Feb 24, 2022 4:05 pm
-
- OpenVPN Power User
- Posts: 156
- Joined: Thu Mar 28, 2013 8:31 am
Re: OpenVPN GCP BYOL Instance no internet when connecting
In the OpenVPN AS admin web panel, under Configuration -> VPN Settings, find "DNS Settings"
Then try changing it to "Do not alter clients' DNS server settings"
If you really do want it set to 8.8.8.8 every time instead, change it to "Have clients use specific DNS servers"
In addition to 8.8.8.8 as the Primary, I recommend using 8.8.4.4 as the Secondary.
Then try changing it to "Do not alter clients' DNS server settings"
If you really do want it set to 8.8.8.8 every time instead, change it to "Have clients use specific DNS servers"
In addition to 8.8.8.8 as the Primary, I recommend using 8.8.4.4 as the Secondary.
-
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Feb 24, 2022 4:05 pm
Re: OpenVPN GCP BYOL Instance no internet when connecting
Thank you very much for this. "Do not alter clients' DNS server settings" was already set to yes, but using "Have clients use specific DNS servers" and setting the IPs resolved the issue
- openvpn_inc
- OpenVPN Inc.
- Posts: 1332
- Joined: Tue Feb 16, 2021 10:41 am
Re: OpenVPN GCP BYOL Instance no internet when connecting
Actually that does not matter. Both addresses are anycast, so your queries are answered by any member of the Google Public DNS farm. Probably all the members of the farm are answering on both addresses.
There is nothing wrong with only using only one of those addresses for DNS. The only way it can be a SPOF is when a firewall blocks the address (and if it blocks one, most likely it blocks the other.)
regards, rob0

Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support