WireGuard breaking DNS

Started by linuximg, June 15, 2022, 05:35:00 PM

I am attempting to set up selective routing through an external VPN endpoint. My goal is to have specific clients (based on IP address) within my network use a VPN for all external communications. I have been using the guides below to set it up.

https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
https://docs.opnsense.org/manual/how-tos/wireguard-client-mullvad.html
https://listed.to/@lissy93/18842/how-to-mullvad-vpn-using-wireguard-on-opnsense

However, whenever I turn on WireGuard, DNS breaks for my whole network. I have tried it with and without Mullvad's DNS server in the Local. Doesn't seem to have any effect.

I am using Unbound DNS and have tried restarting the services and the router, but nothing helps. As soon as I disable the WireGuard Local, DNS works again.

So I ended up going through a different tutorial (https://forum.opnsense.org/index.php?topic=21205.0), with the only real difference being checking 'Disable Routes' on the local peer. This seems to have solved the issue with DNS breaking.

However, after completing everything and setting up the gateway and firewall rules, if I run curl https://am.i.mullvad.net/connected from one of the clients, it showed me as not connected. Any ideas on where I should start troubleshooting this?

Thanks

Went through everything again and got it working today. The only thing I believe I did differently was setting up a LAN rule to use the new gateway for the VPN.

Don't use the WireGuard DNS setting. As you put it, it will break your whole DNS (by design).


Cheers,
Franco
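The two configurations discussed in this thread, written out as wg-quick-style files so the difference is visible: the form with a DNS server and installed routes (what broke DNS network-wide in the first post, and what Franco advises against), and the form with routes disabled and no DNS line (what ended up working, together with a gateway and a LAN rule). This is an added example, not configuration from the original posts, the linked guides, or the OPNsense project. It assumes that OPNsense's WireGuard 'Disable Routes' checkbox corresponds to wg-quick's `Table = off` and that its DNS field corresponds to the `DNS =` line; the keys, addresses, endpoint and interface names are placeholders.

```ini
# --- wg0-broken.conf (placeholder name) ---
# Full-tunnel AllowedIPs with routes installed, plus a DNS line.
# wg-quick installs routes for AllowedIPs, so traffic originating on the
# firewall itself (Unbound's own outbound queries included) is steered
# into the tunnel, and the DNS line makes wg-quick rewrite the system
# resolver via resolvconf. Both act on the router, not just on the
# clients you meant to select, which is why DNS broke for everyone.
[Interface]
PrivateKey = <local private key>        ; placeholder
Address = 10.64.0.2/32                  ; placeholder tunnel address
DNS = 10.64.0.1                         ; placeholder provider resolver: do not set this on a router

[Peer]
PublicKey = <provider server public key>  ; placeholder
Endpoint = vpn.example.net:51820          ; placeholder
AllowedIPs = 0.0.0.0/0

# --- wg0-selective.conf (placeholder name) ---
# Same peer, but Table = off (OPNsense 'Disable Routes') and no DNS line.
# wg-quick then installs no routes at all, so nothing enters the tunnel
# by default. Traffic is sent into it only by policy: an OPNsense
# gateway on the wg interface plus a LAN firewall rule whose source is
# the selected client IPs and whose gateway is that VPN gateway.
# Unbound and everything else keep using the normal default route.
[Interface]
PrivateKey = <local private key>        ; placeholder
Address = 10.64.0.2/32                  ; placeholder tunnel address
Table = off

[Peer]
PublicKey = <provider server public key>  ; placeholder
Endpoint = vpn.example.net:51820          ; placeholder
AllowedIPs = 0.0.0.0/0                    ; still 0.0.0.0/0: this is the crypto-routing allow list, not a route
PersistentKeepalive = 25
```

Only one of the two files would be active at a time; they are shown side by side for comparison. Note that `AllowedIPs = 0.0.0.0/0` stays in the working variant: it tells WireGuard which destinations the peer may carry, and with `Table = off` it no longer creates a route. From a selected client, `curl https://am.i.mullvad.net/connected` should report the tunnel only once the LAN rule sends that client's traffic to the VPN gateway, which matches the follow-up post where adding that rule was the missing step.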