Business Community > Controllers > VPN with public dns?
< Controllers

VPN with public dns?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
1234

VPN with public dns?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
36 Reply
Re:VPN with public dns?
2022-08-12 16:32:00

  @ITV 

 

I guess my next ask would be, what DNS settings are passed to the OpenVPN client now when a new connection is established (or was this always how it was set up)?  Do you see either of those manual IPs?  Does 8.8.8.8 still appear?

 

If I had more time, I'd mock this up myself...but crunch time today :)

<< Paying it forward, one juicy problem at a time... >>
  0  
  0  
#12
Options
Re:VPN with public dns?
2022-09-18 15:07:59

  @d0ugmac1 Hi dougmac1, I have the same problem as the OP. My R605 gateway is giving the client the 8.8.8.8 DNS. I never set this anywhere and it's not a DNS server I want to use.

 

I followed the steps you recommended, including setting my DNS server as the WAN Primary DNS Server, just like OP did. The DNS settings passed to the OpenVPN client are:

  192.168.9.1 - My R605, which is not my DNS server.

  8.8.8.8

 

What is not passed is the DNS servers I specified as Primary and Secondary:

  192.168.9.10

  192.168.9.11

 

I set up a pfSense OpenVPN and it has no such problem but I'd rather be using the R605.

 

  0  
  0  
#13
Options
Re:VPN with public dns?
2022-09-18 15:11:22

  @ITV Did you find a solution for this? I have exactly the same problem.

 

I've updated to the latest firmware and Omada software.

 

I set up a pfSense OpenVPN server to test. The same client works fine using that so I don't think it's a client problem.

 

As near as I can tell, TP-Link has hard-coded 8.8.8.8 into their OpenVPN implementation.

 

This is a showstopper for me so I'm really hoping for a solution.

 

  0  
  0  
#14
Options
Re:VPN with public dns?
2022-09-18 22:07:56

  @runner89 

 

Difference is I was using L2TP and you are using OpenVPN.  I am pretty sure you need to manually edit the .ovpn file to change the vpn client settings.  The reason I suspect a difference is different code is used for the two VPNs and since the .ovpn is built by the firmware in the R605 itself.  So export the .ovpn, edit it for the correct DNS settings, and then use that for your client(s).

<< Paying it forward, one juicy problem at a time... >>
  0  
  0  
#15
Options
Re:VPN with public dns?
2022-09-19 01:17:19

  @d0ugmac1

 

Thanks for your thoughts. I did try editing the .ovpn file and added my DNS. That file doesn't mention 8.8.8.8 and yet 8.8.8.8 still gets added. iiuc, the OpenVPN protocol allows the server to set additional settings at the time the client connects. The R605 uses that opportunity to add 8.8.8.8.

 

Switching to L2TP is a perfectly good option if that would fix my problem. I will try that.

 

  0  
  0  
#16
Options
Re:VPN with public dns?
2022-09-19 03:12:19 - last edited 2022-10-13 10:17:43

EDIT

  0  
  0  
#17
Options
Re:VPN with public dns?
2022-09-19 13:06:49 - last edited 2022-09-19 13:09:22

  @runner89  | @d0ugmac1 

 

FYI: I also tried filling all DNS-fields with my own DNS-servers.

But then the connection fails because there is no room for another DNS server... frown

 

Working on a replacement for the TP-link router => OpnSense - a mature router with dito fw and vpn.

Meaning all future customers will get the OpnSense router with a business subscription.

The business subscription allows central management in (more-or-less) the same way Omada does.

 

It is somewhat more expensive but also lesser security concerns...

 

 

 

 

 

*** making it run like clockwork ***
  0  
  0  
#18
Options
Re:VPN with public dns?
2022-09-19 14:43:04 - last edited 2022-10-13 10:17:34

EDIT

  0  
  0  
#19
Options
Re:VPN with public dns?
2022-09-19 15:01:10

I'm a bit surprised by the negativity here...  I don't know who the heck expects a $69 router that is globally available, manageable by cloud and via smartphone app to drop out of the product development chute with every bell and whistle working.  Really?  TP-link doesn't have the development budgets of Cisco and the like because they aren't making 90% margin on every sale, but they are very responsive when it comes to service impacting bugs (props to @Fae and @Hank21).  What they are doing is enabling many here to build their businesses on a cost effective platform that works for most cases.  I do admit there are a few key features that need to be fixed or upgraded, like adding flexibility into the DDNS functionality (I for one would like to be able to use a custom URL) and implementing a fully configurable OpenVPN server (key to this thread and quite a few others).

 

Omada is not perfect, but it continues to improve, and it is certainly cost effective and lastly these forums definitely provide help for how-to's or workarounds when folks do run into trouble.

<< Paying it forward, one juicy problem at a time... >>
  1  
  1  
#20
Options
Re:VPN with public dns?
2022-09-19 16:03:46 - last edited 2022-10-13 10:17:24

EDIT

  1  
  1  
#21
Options
1234
Related Articles
Blocking/Allowing public access to server via IP Groups
1096 0
Bug: Public IP Address displayed incorrectly
373 0
Implementation DNS over HTTPS/TLS
6080 8
Dynamic DNS Custom Please
505 2
Route IPs through different DNS servers
360 0
OpenVPN stops DNS on W10 client
1588 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.