OpenVPN, can ping Internet but DNS not working


I have set up a rather ordinary OpenVPN configuration on my router (following the old OpenWRT manual). I use the iPhone OpenVPN client (in TUN mode) to tunnel into my LAN, and it works just fine accessing internal IP addresses on the network (192.168.0.x).

Unfortunately, while being able to access my internal network, I am not able to surf through my iPhone while connected to the VPN. I can ping "external" IP addresses just fine, but it seems that DNS is not working, as I cannot resolve any URL. So I can "surf" to IP addresses only :(

On my LAN, my phone is assigned IP when connecting via VPN.

This is my server config:

config openvpn 'myvpn'
	option enabled '1'
	option verb '3'
	option port '1194'
	option proto 'udp'
	option dev 'tun'
	option server ''
	option keepalive '10 120'
	option ca '/etc/openvpn/ca.crt'
	option cert '/etc/openvpn/my-server.crt'
	option key '/etc/openvpn/my-server.key'
	option dh '/etc/openvpn/dh2048.pem'
	option mute 20
	list push 'route'
	list push 'redirect-gateway def1'
	list push 'dhcp-option DNS'
	list push 'dhcp-option WINS'
	option mute 20

And this is my phone config:

dev tun
proto udp
verb 3

ca ca.crt
cert my-client.crt
key my-client.key

remote-cert-tls server
remote x.x.x.x 1194
gateway-redirect def1

Basically, I can surf to "" but not to "" (which is the same thing)

What am I missing? How do I force the phone to use my own specified DNS? (or any DNS if possible)



OK, I fixed it myself.

Uncheck this:
Local Service Only (Limit DNS service to subnets interfaces on which we are serving DNS.)

...and DNS will start working.

Anyone who can tell me how I can add VPN subnet to DNS? (in this case,

Assuming you have DNS on the router via its main (LAN) address (most likely this is true), just change this line in your server config to point to your router's LAN address (appears tone in your case).

Also, you can remove the route directive from your client profile since it is already in the server push directives.

Thanks for the response, but this was not the issue. DNS works with both, or as long as you uncheck "Local Service Only" for DNS.

Basically, DNS was not listening to anything outside of 192.168.0.x range and VPN is 10.8.x.x
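
The behaviour described in this thread, as an added example that is not part of any post and is not OpenWrt or dnsmasq code: a small model of which clients get DNS answers with "Local Service Only" checked, unchecked, and checked with the VPN range counted as local. The sample config, the client addresses and the function names are constructed for illustration; the subnet masks are read off the ranges written in the thread (192.168.0.x, 10.8.x.x).

```python
import ipaddress
import re

# Constructed sample of /etc/config/dhcp. LuCI's "Local Service Only"
# checkbox is stored as the dnsmasq option 'localservice'.
SAMPLE_DHCP = """
config dnsmasq
	option domainneeded '1'
	option localservice '1'
"""

LAN = ipaddress.ip_network("192.168.0.0/24")  # "192.168.0.x" in the thread
VPN = ipaddress.ip_network("10.8.0.0/16")     # "10.8.x.x" in the thread


def local_service_enabled(uci_text):
    """True if the config explicitly sets localservice to '1'.
    Assumption of this model: an absent option is treated as off."""
    m = re.search(r"^\s*option\s+localservice\s+'?([01])'?\s*$", uci_text, re.M)
    return m is not None and m.group(1) == "1"


def answers(src, uci_text, local_subnets):
    """Model of dnsmasq --local-service: with the option on, only sources
    inside a subnet dnsmasq treats as local are answered. Other dnsmasq
    interface restrictions are ignored here."""
    if not local_service_enabled(uci_text):
        return True  # dnsmasq itself no longer filters by source address
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in local_subnets)


def report(uci_text, local_subnets):
    """Answered / not answered for three constructed client addresses."""
    clients = {"lan": "192.168.0.50", "vpn": "10.8.0.6", "wan": "203.0.113.7"}
    return {name: answers(ip, uci_text, local_subnets)
            for name, ip in clients.items()}


if __name__ == "__main__":
    unchecked = SAMPLE_DHCP.replace("localservice '1'", "localservice '0'")
    print("checked, LAN only:", report(SAMPLE_DHCP, [LAN]))
    print("unchecked        :", report(unchecked, [LAN]))
    print("checked, LAN+VPN :", report(SAMPLE_DHCP, [LAN, VPN]))
```

With the box unchecked the model also answers the constructed WAN address, so in that state the firewall is the only thing keeping port 53 closed to the Internet.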
