Show Posts
1
Virtual private networks / OpenVPN option "block-outside-dns" as checkbox wanted
« on: October 05, 2020, 03:59:06 pm »
Hello there.
Since there is a DNS Leak in Windows10 with OpenVPN:
it appears that our roadwarrior clients do not use our DNS server,
if they have a faster IPV6 (DNS) address in their cache.
We can fix this by adding:
push "block-outside-dns"
at:
Setting OpenVPN Server > Adv Options > Custom Options
Well this works quiet good, but we try to avoid using this field,
duo to security. Although this field is going to be removed in the future.
So it would be nice to have a checkbox for that command at the server config.
It would be really great, if you could implement that option.
kind regards,
martin
Since there is a DNS Leak in Windows10 with OpenVPN:
- https://github.com/ValdikSS/openvpn-fix-dns-leak-plugin
- https://community.openvpn.net/openvpn/ticket/605?__cf_chl_jschl_tk__=a6f7e219f2b7eea6fc3ca6b90a4110db5a79564c-1601904949-0-ARrwznt-ux1J9GjbUS8gszDZBI0hn28Dd0jy2ikTJxVf41p3aezfcUpfH25Ej8iSQAZtUu_HJtAeIloJIhyCbk_N7JPQ9WOOO7lXJiGRJu6a4e2xuzHFOzpQlGyO7yy6eHHqaHdg8tlO7J6qBdJ5-bXUeLq1bAb4PP1Cc8QQbgT1e8fJ2OdREtjaSsrA6pO5KmT0GCkXMOAW7xI_wakhhi7q_1biJQ0Fwu7kG9XDkEUB827hH6J7ildMj6KCdsKnuAGyjJ35xiFb-Vs78FSlrCi8AbrOIKG_o3B_NHK95U4n
- https://redmine.pfsense.org/issues/6719
it appears that our roadwarrior clients do not use our DNS server,
if they have a faster IPV6 (DNS) address in their cache.
We can fix this by adding:
push "block-outside-dns"
at:
Setting OpenVPN Server > Adv Options > Custom Options
Well this works quiet good, but we try to avoid using this field,
duo to security. Although this field is going to be removed in the future.
So it would be nice to have a checkbox for that command at the server config.
It would be really great, if you could implement that option.
kind regards,
martin