[gil_happy]

Hello,

I have recently configured an OpenVPN server (tun) on a Netgear R6700 [DD-WRT v3.0-r61648 std (06/05/25)] using 'egc' DDWRT OpenVPN Server Setup guide v34.pdf guide and it works great!

The problem that I'm having is pushing the DNS info from the OpenVPN server ISP to the Android clients that connect (see attached drawing). When I go to page 20 of the guide, I can't seem to get this working. Basically I want the Android client to the server to have the same DNS information as a local client that is connected to the cable modem / router. I believe the WAN interface on the Cable Modem obtains all it's info via DHCP including DNS.

I have tried the following:
- I added [push "redirect-gateway def1"] to Additional config and it did not work
- I tried adding both [push "route 0.0.0.0 128.0.0.0 vpn_gateway"] & [push "route 128.0.0.0 128.0.0.0 vpn_gateway"] to Additional config and it did not work.

Any suggestions?

Thanks in advance

[egc]

You are pushing default routes which is not necessary as there is a GUI option for that (Push Client route).

The same paragraph on page 20 has instructions how to push DNS server(s) to the client.

[gil_happy]

Hi, thanks for this... a couple of things:

- "Push Client Route: Default Gateway" in Advanced Options is enabled.

Then I see the following in your guide:

If you want to resolve DNS names over the VPN you will need to add the below lines to "Additional Configuration."
If you want to use a public DNS server (e.g. Google's ):
push "dhcp-option DNS 8.8.8.8"

- I don't want to set a specific public DNS server, so this is not the option

I assume this is the section you are referring to about pushing the DNS server settings from the OpenVPN server which is using the DNS from the ISP:

If you want to use your own router/OpenVPN server (my servers Lan Domain is named "home5"):
push "dhcp-option DNS 192.168.5.1"
push "dhcp-option DOMAIN home5"

- in my case, I hardcoded my OpenVPN router to 192.168.1.2 since the ISP router / gateway is 192.168.1.1
- then under 'Setup', 'Basic Setup' under Optional Settings, I set the 'Hostname' = home5

So based on this, I added the following to 'Services', 'VPN', then Additional Config and when I connect to the VPN, the DNS is not getting pushed.

push "dhcp-option DNS 192.168.1.2"
push "dhcp-option DOMAIN home5"

[egc]

How do you know the DNS server is not pushed?

Even if it is pushed, it is up to the client to deal with the pushed DNs servers.

For my Android phone and tablet I use Arne Schwabs OpenVPN client for Android with that you can see in the log that a DNS server is pushed, my OpenVPN server on 192.168.6.1 is pushed to my Android client and is working, I have local name resolution.

You can push any DNS server you want, but of course that DNS server has to listen to requests from the OpenVPN subnet/interface.

Your OpenVPN server normally runs on a router in gateway mode with DNSMasq running on the router and if so you push the routers address as DNS server as that is where DNSMasq is listening.

DNSMasq on DDWRT should listen automatically on the tun interface.

Of course if your setup is different or you have another DNS server then DNSMasq on the router, then you have to adapt accordingly

[gil_happy]

Hi, thanks for this..... in terms of the DNS client not being pushed, I am using dnsleaktest.com and could see that once the Android client connected to the VPN server, the DNS was from my cell phone provider (vs the ISP where the OpenVPN server was connected to).

Yep, I use Arne Schwabs OpenVPN as well. However, I never did notice the DNS settings in the log - in fact I could see 'home5' in the log.

I figured out what the problem was. Your guide references 192.168.5.1 and thankfully you mentioned 192.168.6.1 in this email, so I could see what the problem was. I had push "dhcp-option DNS 192.168.1.2", but needed to change to push "dhcp-option DNS 192.168.1.1"


*** That being said, I see the DNS servers are now being pushed to the client. Thanks for helping me out 👍

[egc]

👍