Topic: Mullvad WG issue, Local Configuration DNS server doesn't resolve (Read 1290 times)
cynicalApples7
Newbie
Posts: 16
Karma: 0
Mullvad WG issue, Local Configuration DNS server doesn't resolve
«
on:
December 03, 2022, 09:50:39 pm »
I am hoping that someone can explain to me why the following DNS issue is happening. I cannot figure it out. I used this guide as a... guide
https://docs.opnsense.org/manual/how-tos/wireguard-client-mullvad.html
I download a Linux .conf file from mullvad.net.
[Interface]
PrivateKey = *******************************************
Address = 10.64.30.159/32,fc00:bbbb:bbbb:bb01::1:1e9e/128
DNS = 10.64.0.1
[Peer]
PublicKey = egl+0TkpFU39F5O6r6+hIBMPQLOa8/t5CymOZV6CC3Y=
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = 45.129.56.67:51820
I plug this into WireGuard
Interface > Local
Peer > Endpoints
and those the Local and those the Endpoint as Peer.
Connect, no errors:
interface: wg2
public key: PkALQNDZXNxK43Fd079oAdTT2MLLQERTl2Zx6SkFfBQ=
private key: (hidden)
listening port: 51820
peer: R5LUBgM/1UjeAR4lt+L/yA30Gee6/VqVZ9eAB3ZTajs=
endpoint: 45.129.56.68:51820
allowed ips: ::/0, 0.0.0.0/0
latest handshake: 35 seconds ago
transfer: 676.02 MiB received, 23.65 MiB sent
persistent keepalive: every 30 seconds
I can connect to mullvad.net and see that I am connected and have no DNS leaks. But I cannot resolve any DNS queries.
I am guessing it is a mistake in my Unbound DNS configuration.
Services: Unbound DNS: General
Here are just some general settings.
System: Settings: General
I have tried to add 10.64.0.1 as a DNS server to "System: Settings: General", that didn't work either. There are two ways in which I have gotten around this, but none of them are really optimal.
1. Is to set 10.64.0.1 on the Services: DHCPv4: [LAN]. That works, but it bypassed the Unbound DNS blocklist.
2. The second option, which is slightly better, is to use Mullvad DoT/DoH DNS servers, whereby the DNS blocklist still works, but it is slower.
Can someone spot my mistake? Where am I going wrong, since I cannot just have the DNS server from the WireGuard configuration work?
Out of curiosity I have subscribed to ProtonVPN and did the same simple setup, just adding the Interface and Peer entries from a .conf file. And that worked.
It appears to be an issue between my setup and Mullvad. I just do not know why or how.
«
Last Edit: December 03, 2022, 09:56:55 pm by cynicalApples7
»
Logged
frankw
Newbie
Posts: 13
Karma: 0
Re: Mullvad WG issue, Local Configuration DNS server doesn't resolve
«
Reply #1 on:
December 06, 2022, 06:04:18 am »
I set mine up with a gateway, not sure if this is the issue. I did not touch unbound and am using a separate DNS server for local DNS. I don't think this has anything to do with unbound, as your config would send all traffic down the tunnel (0.0.0.0/0). Did you create the outbound NAT rule, as I didn't see that in your screenshots?
I attached my config if that helps.
«
Last Edit: December 06, 2022, 06:12:58 am by frankw
»
Logged
cynicalApples7
Newbie
Posts: 16
Karma: 0
Re: Mullvad WG issue, Local Configuration DNS server doesn't resolve
«
Reply #2 on:
December 06, 2022, 04:34:37 pm »
I had a screenshot of my Outbound NAT, but I couldn't post more than 4.
I guess I would try to set up a gateway.
Logged
sunnbus
Newbie
Posts: 4
Karma: 0
Re: Mullvad WG issue, Local Configuration DNS server doesn't resolve
«
Reply #3 on:
December 07, 2022, 03:53:06 am »
Took me a while to configure WG on OPNsense (still working out some small issues) and had a similar problem to yours. Might be a firewall DNS redirect problem, but here's my entire setup and difference compared to yours, which works well:
-in vpn "local," left DNS blank, unchecked "disable route" and left gateway blank
-set up an interface, static IPv4, IPv4 address your tunnel address, create an upstream gateway
-in system/gateways, interface should be abovementioned, address family IPv4, IP address 10.64.0.1, far gateway checked and rest unchecked
firewall:interface - abovementioned, protocol TCP/UDP, source port and address any, destination address [gateway]address, destination port DNS, IP 127.0.0.1, redirect target port DNS //this redirects DNS requests made through your VPN gateway to local DNS server.
Hope this helps
Logged
cynicalApples7
Newbie
Posts: 16
Karma: 0
Re: Mullvad WG issue, Local Configuration DNS server doesn't resolve
«
Reply #4 on:
December 07, 2022, 04:59:21 am »
Yes, good idea. That might work since 10.64.0.1 is Mullvad default gateway.
Logged
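A diagnostic for the symptom discussed in this thread, added here as an example and not posted by any of the participants: it sends one DNS query to the tunnel resolver from the firewall itself, first with the default source address and then bound to the tunnel address. The two addresses come from the .conf in the first post; the function names and the hostname queried are assumptions of this example.

```python
import secrets
import socket
import struct

def build_query(name, qid, qtype=1):
    """Encode a one-question recursive DNS query (qtype 1 = A record)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD bit set
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", qtype, 1)

def parse_reply(data, qid):
    """Return (rcode, answer_count); raise ValueError if it is not our reply."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != qid or not flags & 0x8000:  # ID must match and QR bit must be set
        raise ValueError("not a reply to our query")
    return flags & 0x000F, ancount

def probe(resolver, name, source=None, port=53, timeout=3.0):
    """Send one UDP query, optionally bound to `source`; return a status string."""
    qid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            if source:
                s.bind((source, 0))       # force the source address of the query
            s.connect((resolver, port))   # only accept datagrams from the resolver
            s.send(build_query(name, qid))
            rcode, answers = parse_reply(s.recv(4096), qid)
        except socket.timeout:
            return "timeout (no reply reached this socket)"
        except (OSError, ValueError) as exc:
            return f"error: {exc}"
    return f"rcode={rcode} answers={answers}"

if __name__ == "__main__":
    # Resolver and tunnel address as given in the .conf of the first post;
    # the hostname queried is an arbitrary choice for this example.
    resolver, tunnel_ip = "10.64.0.1", "10.64.30.159"
    print("default source:", probe(resolver, "opnsense.org"))
    print("tunnel source: ", probe(resolver, "opnsense.org", source=tunnel_ip))
```

A timeout with the default source but an answer with the tunnel source points at how firewall-originated traffic is routed or NATed rather than at the resolver itself.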