Page 1 of 1

Recent updates to Chrome and Android to Secure/Private DNS - Broke OpenVPN

Posted: Wed Feb 01, 2023 9:52 pm
by adamparker
I am using the OpenVPN application from Arne Schwabe which has worked for many years.

This week (End of Jan2023) I upgraded my Android device (Samsung S21) and I was no longer able to access services on my LAN through the VPN.

I could access them directly via IP but not DNS.

After some troubleshooting, Private DNS is now enabled by default in Android and Secure DNS is also enabled by default in Chrome.

If you rely on DNS then this will now fail, it will look like it is browsing but it is talking to google servers using QUIC and ignores your DNS options.

This might still work if you have globally resolvable domain names, but I don't.

I disabled both of them and I now have access again as before. In order to re-enable I have to add a root CA to the phone for the sites. Usually I just clicked the security exceptions but this option is no longer available.