WireGuard: tunnel up and running but DNS resolved locally

Started by 3bRVK6Mz, April 06, 2020, 06:51:52 AM

Hello,

I have successfully established a WireGuard connection between my OPNsense router (in Canada) and a Linux server (in France) where I installed WireGuard.

I am able to create firewall rules in order to pass some traffic through that tunnel. For example, I can make my laptop in Canada go out through the WireGuard tunnel instead of the WAN, so that it gets the French public IP address.

The only issue that I have is DNS resolution. Even though I've designed the firewall rule to pass ALL traffic through the WireGuard gateway, DNS is still resolved locally, that is in Canada and NOT at the other end of the WireGuard tunnel in France...
I tried setting different "DNS Servers" in the local configuration part of WireGuard on OPNsense but none of them worked.

Am I missing something here? Is that even possible with OPNsense? If instead of connecting OPNsense, I connect with my phone to the WireGuard server, I do get the French IP and the French DNS.

The reason behind this is that some geo restrictions are based on public IP addresses and DNS. If you appear with a certain IP but you resolve it through a DNS that's on the other side of the world, some content providers will block you.

I attached a few pictures of my config in case that helps. Thank you in advance.

Pierre


What is the IP address of the DNS server you have on your laptop?

Assumption: you are physically in Canada with your laptop and OPNsense firewall. You are connected to France via WireGuard VPN to your Linux server.

Do you have a resolver installed on the Linux server?
What happens if you statically point your DNS server address to this address?

How about creating a port forward rule, redirecting DNS requests to this resolver on your Linux machine?

Or create a port forward redirect rule for DNS, sending traffic to your Linux server - which here you would have to create a WireGuard WAN gateway-interface?

Running OPNsense through Proxmox
4 x Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (1 Socket)
24 GB RAM