Version 4 (modified by tct, 5 years ago)

Pushing DNS servers to clients


This page describes how to use pushed DNS servers in the client.

Contents:

  1. Using pushed DNS servers with a Linux client
  2. Using pushed DNS servers with a Windows client
  3. Additional notes

Using pushed DNS servers with a Linux client

Linux must use an external script to update the DNS servers in /etc/resolv.conf.

Most distribution OpenVPN packages include the /etc/openvpn/update-resolv-conf script.
Source: https://github.com/alfredopalhares/openvpn-update-resolv-conf

Call the script by adding the following to your client config file (script-security 2 is required for OpenVPN to run user-defined scripts):

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
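
On Linux, OpenVPN passes each pushed dhcp-option to the up script as an environment variable named foreign_option_1, foreign_option_2, and so on. The following is an added example, not the update-resolv-conf script or any code from this wiki: it shows how an up script can validate those server-supplied values before they reach /etc/resolv.conf. It handles IPv4 DNS and DOMAIN options only; the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: convert pushed DNS options into validated resolv.conf lines.

# Accept only dotted-quad IPv4: four octets, 0-255, no leading zeros.
is_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Accept only hostname characters, so whitespace or newlines cannot reach the file.
is_domain() {
    case "$1" in ''|*[!A-Za-z0-9.-]*|.*|-*|*..*) return 1 ;; esac
    [ "${#1}" -le 253 ]
}

# Walk foreign_option_1, foreign_option_2, ... until the first unset one.
pushed_dns_to_resolvconf() {
    i=1
    while :; do
        eval "opt=\${foreign_option_$i:-}"   # i is our own counter, never pushed data
        [ -n "$opt" ] || break
        case "$opt" in
            "dhcp-option DNS "*)
                val=${opt#"dhcp-option DNS "}
                if is_ipv4 "$val"; then echo "nameserver $val"
                else echo "rejected foreign_option_$i" >&2; fi ;;
            "dhcp-option DOMAIN "*)
                val=${opt#"dhcp-option DOMAIN "}
                if is_domain "$val"; then echo "search $val"
                else echo "rejected foreign_option_$i" >&2; fi ;;
        esac
        i=$((i + 1))
    done
    return 0
}

# Constructed sample of the environment OpenVPN hands to an up script.
foreign_option_1='dhcp-option DNS 10.8.0.1'
foreign_option_2='dhcp-option DOMAIN corp.example'
foreign_option_3='dhcp-option DNS 10.8.0.999'
pushed_dns_to_resolvconf
```

Accepted lines are printed on standard output and rejected options are reported on standard error, so the caller decides where the result is written.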

Using pushed DNS servers with a Windows client

  • OpenVPN 2.4

Windows uses the OpenVPN built-in DHCP server to update the TAP adapter's DNS servers and no additional steps are required. This does require that the client is run using the OpenVPN-GUI and that the OpenVPN InteractiveService for Windows is started.

To prevent DNS leaks at the client, use --block-outside-dns.

  • OpenVPN 2.3

Windows uses the OpenVPN built-in DHCP server to update the TAP adapter's DNS servers and no additional steps are required. This does require that the client is run as an administrator user.

This version does not support --block-outside-dns.


Additional notes

TODO:

  • systemd-resolved