How to use DNS servers from the VPN service?

Hello.

Without a VPN service I would like to use custom DNS servers.

For that I have to go to Network > Interfaces > WAN > Advanced Settings, uncheck "Use DNS servers advertised by peer" and enter custom DNS servers. Right?

But almost every VPN service uses its own DNS servers. How do I use these DNS servers after a VPN connection?

https://openwrt.org/docs/guide-user/services/vpn/openvpn/extras#dns_and_domain

So I just need these steps?

Use DNS and domain options on OpenWrt client.

cat << EOF > /etc/openvpn/up.sh
#!/bin/sh
env | sed -n -e "
/^foreign_option_.*=dhcp-option.*DNS/s//nameserver/p
/^foreign_option_.*=dhcp-option.*DOMAIN/s//domain/p
" | sort -u > /tmp/resolv.conf.vpn
uci set dhcp.dnsmasq[0].resolvfile="/tmp/resolv.conf.vpn"
/etc/init.d/dnsmasq restart
EOF
chmod "u=rwx,g=rx,o=rx" /etc/openvpn/up.sh
 
sed -i -e "
/^script-security/s/^/#/
\$a script-security 2
/^up/s/^/#/
\$a up /etc/openvpn/up.sh
" /etc/openvpn/vpnclient.conf
service openvpn restart

I find it difficult to implement that.

I have created up.sh in /etc/openvpn/:

#!/bin/sh
env | sed -n -e "
/^foreign_option_.*=dhcp-option.*DNS/s//nameserver/p
/^foreign_option_.*=dhcp-option.*DOMAIN/s//domain/p
" | sort -u > /tmp/resolv.conf.vpn
uci set dhcp.dnsmasq[0].resolvfile="/tmp/resolv.conf.vpn"
/etc/init.d/dnsmasq restart

What about this?

sed -i -e "
/^script-security/s/^/#/
\$a script-security 2
/^up/s/^/#/
\$a up /etc/openvpn/up.sh
" /etc/openvpn/vpnclient.conf

vpnclient.conf does not exist. All my VPN settings are in /etc/config/openvpn

uci set openvpn.@openvpn[-1].script_security="2"
uci set openvpn.@openvpn[-1].up="/etc/openvpn/up.sh"
uci commit openvpn
service openvpn restart

The line needs a "@":

uci set dhcp.dnsmasq[0].resolvfile="/tmp/resolv.conf.vpn"

It must be:

uci set dhcp.@dnsmasq[0].resolvfile="/tmp/resolv.conf.vpn"

I hope this configuration is ok now:

/etc/openvpn/up.sh:

#!/bin/sh
env | sed -n -e "
/^foreign_option_.*=dhcp-option.*DNS/s//nameserver/p
/^foreign_option_.*=dhcp-option.*DOMAIN/s//domain/p
" | sort -u > /tmp/resolv.conf.vpn
uci set dhcp.@dnsmasq[0].resolvfile="/tmp/resolv.conf.vpn"
/etc/init.d/dnsmasq restart

chmod "u=rwx,g=rx,o=rx" /etc/openvpn/up.sh

/etc/openvpn/down.sh:

#!/bin/sh
uci set dhcp.@dnsmasq[0].resolvfile="/tmp/resolv.conf.auto"
/etc/init.d/dnsmasq restart

chmod "u=rwx,g=rx,o=rx" /etc/openvpn/down.sh

uci set openvpn.@openvpn[-1].script_security="2"
uci set openvpn.@openvpn[-1].up="/etc/openvpn/up.sh"
uci set openvpn.@openvpn[-1].down="/etc/openvpn/down.sh"
uci commit openvpn
service openvpn restart
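The up.sh in this thread copies whatever the server sends after `dhcp-option DNS` or `dhcp-option DOMAIN` straight into the resolver file that dnsmasq reads. The following is an added example, not code from the thread or the OpenWrt wiki: it builds the same lines but keeps only values that look like an address or a domain. The function name `vpn_resolv_lines` and the sample pushed options are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: turn OpenVPN's pushed foreign_option_N values into
# resolv.conf lines, dropping anything that is not a plain address or domain.
# vpn_resolv_lines is a hypothetical name; it is not part of OpenWrt.

vpn_resolv_lines() {
    i=1
    while :; do
        # OpenVPN numbers the variables consecutively from 1.
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        i=$((i + 1))
        # Split into fields without globbing; exactly three are expected:
        # "dhcp-option" TYPE VALUE. Options with extra fields are skipped.
        set -f; set -- $opt; set +f
        [ "$#" -eq 3 ] && [ "$1" = "dhcp-option" ] || continue
        case "$2" in
            DNS)
                # Character allow-list for IPv4/IPv6 literals (not full
                # address validation): digits, hex letters, dots, colons.
                case "$3" in *[!0-9A-Fa-f.:]*) continue ;; esac
                echo "nameserver $3" ;;
            DOMAIN)
                # Hostname characters only, not starting with "-" or ".".
                case "$3" in *[!A-Za-z0-9.-]*|-*|.*) continue ;; esac
                echo "domain $3" ;;
        esac
    done | LC_ALL=C sort -u
}

# Constructed sample of pushed options (not taken from the thread).
foreign_option_1='dhcp-option DNS 10.8.0.1'
foreign_option_2='dhcp-option DOMAIN vpn.example'
foreign_option_3='dhcp-option DNS 10.8.0.1 options-injected'
foreign_option_4='dhcp-option DNS 2001:db8::53'
vpn_resolv_lines
# In up.sh the output would go to /tmp/resolv.conf.vpn, and dnsmasq would be
# repointed only if that file is non-empty ([ -s /tmp/resolv.conf.vpn ]).
```

If every pushed value is rejected the output is empty, so checking the file size before changing `resolvfile` keeps dnsmasq on its existing upstream servers.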