WireGuard w/ ProtonVPN -> local DNS resolving

Started by opn_minded, November 19, 2024, 03:31:20 PM

November 19, 2024, 03:31:20 PM Last Edit: November 25, 2024, 02:11:08 PM by opn_minded
I've got a setup with two working WG ProtonVPN tunnels, but I am facing DNS leaks. This is due to the fact that I need unbound to resolve my local domain (.localhub), obv. because Proton's DNS server can't do that. For external requests, I'm using DNS over TLS towards Cloudflare's DNS servers.

As of now, I'm working with overrides, so e.g. "test.localhub" would have an A-entry with value 10.0.0.99.

I have two questions in that regard:

1) Can someone please tell me why clients in my network that use this WG tunnel have issues browsing e.g. Reddit? (As an example: if not logged in, I can't access Reddit due to "security issues" -> Reddit tells me I need to log in to do anything. In contrast, when I start the native ProtonVPN client on my PC and connect to the same ProtonVPN server, it works fine without any issues.)

2) What do I need to do so that OPNsense can distinguish between a local DNS request (basically *.localhub) and an outbound DNS request? (Assuming this would prevent DNS leaks and the occasional "browsing issues" like the ones mentioned with Reddit.)

Thanks for your time, have a great day!
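One way to express the split that question 2 asks about, shown here in raw unbound.conf syntax rather than the OPNsense GUI, as an added example that is not part of the original post: the .localhub zone, the test.localhub A record and the Cloudflare DoT upstream come from the post, while the listening interface, the client subnet and the CA bundle path are assumptions.

```text
server:
    interface: 10.0.0.1          # assumption: unbound listens on the LAN address
    access-control: 10.0.0.0/24 allow   # assumption: LAN clients allowed to query

    # Authoritative local zone: answers come from local-data only.
    # "static" makes unbound return NXDOMAIN for unknown *.localhub names
    # instead of forwarding them upstream, so no .localhub query leaves the box.
    local-zone: "localhub." static
    local-data: "test.localhub. IN A 10.0.0.99"
    local-data-ptr: "10.0.0.99 test.localhub"

    # Upstream answers are validated against the system CA bundle
    # (assumed path; adjust to the OPNsense install).
    tls-cert-bundle: "/etc/ssl/cert.pem"

# Everything that is not localhub goes to Cloudflare over TLS on port 853.
# The name after '#' is the hostname unbound verifies in the certificate.
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 1.1.1.1@853#cloudflare-dns.com
    forward-addr: 1.0.0.1@853#cloudflare-dns.com
```

The split only prevents leaks if the WireGuard clients actually send their queries to unbound; a resolver address pushed by the tunnel peer and used directly by the clients bypasses this configuration entirely, which can be checked with `drill test.localhub @10.0.0.1` and `drill example.com @10.0.0.1` from a client.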