ggkthx Posted June 24, 2017 Author Posted June 24, 2017 Set the DNS on the R1 itself to the OpenDNS servers as well I think you meant PIA VPN servers? I still get DNS leaks. :/
Administrators Netduma Fraser Posted June 25, 2017 Administrators Posted June 25, 2017 I think you meant PIA VPN servers? I still get DNS leaks. :/ Yeah that's what I meant! Do so as well on your ISP hub
Ziltoid Racer Posted June 25, 2017 Posted June 25, 2017 after retesting you are right, sometimes my ip is leaking with the push dns in config. i never noticed ssl was leaking my ip this way too. Fraser is right disable automatic dns and set the PIA dns ip's and my ip shows no where. apologies for the mistake using push it seems slightly intermittent in results.... so use the R1 dns settings you can remove the push lines in config.
ggkthx Posted June 25, 2017 Author Posted June 25, 2017 Yeah that's what I meant! Do so as well on your ISP hub after retesting you are right, sometimes my ip is leaking with the push dns in config. i never noticed ssl was leaking my ip this way too. Fraser is right disable automatic dns and set the PIA dns ip's and my ip shows no where. apologies for the mistake using push it seems slightly intermittent in results.... so use the R1 dns settings you can remove the push lines in config. Roger that! And thanks for the find Ziltoid!
Ziltoid Racer Posted June 28, 2017 Posted June 28, 2017 hi guys i'm back again..... The dns leak using manual config was annoying me because i know the push dns option used to work great but now for some reason it leaked. After doing some research it turns out Windows 10 has a new feature called "Smart Multi-Homed Name Resolution" (which cannot be turned off) what this does is uses all interfaces to send DNS requests and it uses the fastest one so even when you have your push DNS set in the config windows 10 can and does use other interfaces on your PC for DNS requests. To stop this you will need an extra push setting in your config with the ones i posted before, you need to add these 3 lines to your config: push "block-outside-dns"push "dhcp-option DNS 209.222.18.222"push "dhcp-option DNS 209.222.18.218" The above are using PIA DNS server ip's but you can use whatever you want. Note: link-local ipv6 must be disabled in miscellaneous settings else it will leak when you are connected to VPN. I have tested with the PIA ip's and the new block outside dns push and it works for me but could others test it too to make sure it works for everyone. Thanks Z PS: adding the block line means you can now leave the R1 using your ISP DNS for all other devices connected to it but your device will use what you set in the push when connecting to your VPN manually.
Administrators Netduma Fraser Posted June 28, 2017 Administrators Posted June 28, 2017 Nicely done! Very good find
ggkthx Posted June 28, 2017 Author Posted June 28, 2017 hi guys i'm back again..... The dns leak using manual config was annoying me because i know the push dns option used to work great but now for some reason it leaked. After doing some research it turns out Windows 10 has a new feature called "Smart Multi-Homed Name Resolution" (which cannot be turned off) what this does is uses all interfaces to send DNS requests and it uses the fastest one so even when you have your push DNS set in the config windows 10 can and does use other interfaces on your PC for DNS requests. To stop this you will need an extra push setting in your config with the ones i posted before, you need to add these 3 lines to your config: The above are using PIA DNS server ip's but you can use whatever you want. Note: link-local ipv6 must be disabled in miscellaneous settings else it will leak when you are connected to VPN. I have tested with the PIA ip's and the new block outside dns push and it works for me but could others test it too to make sure it works for everyone. Thanks Z PS: adding the block line means you can now leave the R1 using your ISP DNS for all other devices connected to it but your device will use what you set in the push when connecting to your VPN manually. Tried it, now all the DNS test sites report that I'm using either Google's or OpenDNS's servers... Rebooted the R1 and made sure ipv6 was disabled but still same results. Tested on Mac and iOS devices. Not sure if it makes a difference.
Administrators Netduma Fraser Posted June 28, 2017 Administrators Posted June 28, 2017 Change your R1's settings to auto for DNS but keep the DNS lines in the config
ggkthx Posted June 28, 2017 Author Posted June 28, 2017 Change your R1's settings to auto for DNS but keep the DNS lines in the config Think I'll stick to manually inputting the DNS servers in the LAN section.
Administrators Netduma Fraser Posted June 29, 2017 Administrators Posted June 29, 2017 Think I'll stick to manually inputting the DNS servers in the LAN section. If they were conflicting i.e. not the same then that may cause the issue
ggkthx Posted June 29, 2017 Author Posted June 29, 2017 If they were conflicting i.e. not the same then that may cause the issue They were the same addresses actually. Noticed the R1 GUI slows down heavily especially after making multiple changes to the VPN config. In any case, I have rebooted the router and used the provided by Ziltoid and all seems good so far. I mean, it's fine if I don't see my ISP's DNS in the test results right? Edit: I take that back. The issue still happens occasionally throughout the last 24 hours. I did read somewhere that block-outside-dns option is only for Windows devices though.
Administrators Netduma Fraser Posted June 30, 2017 Administrators Posted June 30, 2017 Okay that makes sense. Our OpenVPN client is likely out of date as well which will contribute to the issue.
ggkthx Posted July 1, 2017 Author Posted July 1, 2017 Okay that makes sense. Our OpenVPN client is likely out of date as well which will contribute to the issue. Ahh...Would it be updated in DumaOS?
Administrators Netduma Fraser Posted July 1, 2017 Administrators Posted July 1, 2017 Yes it would be and we'd be able to update it whenever it was needed
iAmMoDBoX Posted July 8, 2017 Posted July 8, 2017 Fook yeah! Sorry I know this is old but you need help setting it up PM me and I can do it through teamviewer. I've had similar issues, no more leaks for me.
Ziltoid Racer Posted July 8, 2017 Posted July 8, 2017 Sorry I know this is old but you need help setting it up PM me and I can do it through teamviewer. I've had similar issues, no more leaks for me. why not let us all know how?
iAmMoDBoX Posted July 8, 2017 Posted July 8, 2017 why not let us all know how? Why not let us all know what every individual person has as their unique network setup? Then I'll write a guide for each possibility.
Marc@Marc1 Posted February 27, 2019 Posted February 27, 2019 I am trying to configure my VPN using Torguard I added the lines push "block-outside-dns" push "dhcp-option DNS 1.1.1.1" push "dhcp-option DNS 1.0.0.1" but my DNS still shows up as my ISP. I am on the XR500 any idea how to get my DNS to stop leaking/to be set to the DNS I need. Is there a way to set LAN DHCP side pushed DNS (where is the option) If anyone could post a picture that would be awesome or if anyone has a solution.
Administrators Netduma Fraser Posted February 27, 2019 Administrators Posted February 27, 2019 50 minutes ago, Marc@Marc said: I am trying to configure my VPN using Torguard I added the lines push "block-outside-dns" push "dhcp-option DNS 1.1.1.1" push "dhcp-option DNS 1.0.0.1" but my DNS still shows up as my ISP. I am on the XR500 any idea how to get my DNS to stop leaking/to be set to the DNS I need. Is there a way to set LAN DHCP side pushed DNS (where is the option) If anyone could post a picture that would be awesome or if anyone has a solution. Hey, welcome to the forum! You have a topic regarding this on the Netgear forum that I am responding to so let's keep it there for the moment and others can comment on it here if they wish to.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.