26.4: OpenVPN Options/Push Options

Started by JohnDoe17, May 08, 2026, 05:10:38 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 08, 2026, 05:10:38 PM
Hello.

I am a licensed user of the 26.4 Business edition.

I am busy researching what all of the various OpenVPN Options and Push Options that OPNsense support do..., but I'd also like the forum's opinion on which set of Options and Push Options that you would recommend for a typical Road Warrior configuration to connect into a lab network?  (This is not a home lab.  This is a real, business lab environment.)

My initial thoughts are these:

Options:
--------
block-ipv6

Push Options:
-------------
push block-ipv6 (do I need this in both spots?)
push block-outside-dns
explicit-exit-notify (since I am using UDP)

I'm looking for your opinions on best practices for these settings, I guess.

Also, what is the differences between Push Option "push register-dns" and the stand alone setting "Register DNS?"

Thank you.
Today at 12:59:06 PM #1
Quote from: JohnDoe17 on May 08, 2026, 05:10:38 PMAlso, what is the differences between Push Option "push register-dns" and the stand alone setting "Register DNS?"
Seems to be a Windows specific option : https://linux.die.net/man/8/openvpn
Quote--register-dns
Run net stop dnscache, net start dnscache, ipconfig /flushdns and ipconfig /registerdns on connection initiation. This is known to kick Windows into recognizing pushed DNS servers.
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Print
Go Up Pages1
User actions