
How to create a VPN with custom DNS

Posted: 2020/08/01 15:10:03
by vinilara
Hi everyone,

I have one VPS that has CentOS 7 installed. I need to put this server as VPN so when the clients connect they will be able to reach personalised domains, like:

ftp.development.mycompany

I installed OpenVPN and configured it to allow communication between client and server, but this does not resolve domains, just IPs. So how can I set up this DNS server?

Re: How to create a VPN with custom DNS

Posted: 2020/08/04 13:13:23
by BShT
I have the same situation here and we use 2 browsers, one for general internet and the other connected to our proxy over VPN that resolves internal sites.

Re: How to create a VPN with custom DNS

Posted: 2020/08/04 13:20:54
by BShT
https://openvpn.net/vpn-server-resource ... -problems/

According to this, you can set a DNS server inside the OpenVPN client; I never used it this way.

I don't want everybody querying DNS over VPN...

Re: How to create a VPN with custom DNS

Posted: 2020/08/04 13:54:54
by TrevorH
Bear in mind the way that DNS works on Linux. There is one set of DNS servers listed in /etc/resolv.conf and they are consulted in order, from the top down, one by one until one of them gives an answer. Any answer, even if it's "never heard of it". At that point the search stops. The only time a second nameserver is asked is if the first one does not respond.

This means that any DNS server you put in there has to be able to answer all queries, not just the ones that need to go over the VPN.

Re: How to create a VPN with custom DNS

Posted: 2020/08/04 18:40:44
by aks
Generally the way I "solve" this is to use DHCP routes and DHCP provided DNS servers (they are all options). This usually means clients work, except in the cases where the client has done "silly" things.
This also gets very complex very quickly across Windows, MacOS and Linux.

Re: How to create a VPN with custom DNS

Posted: 2020/08/05 11:45:27
by jlehtone
BShT and aks said that openvpn can tell the client to use a specific DNS server, when the VPN tunnel is active.

That DNS server would be separate from the VPN, but one that can resolve all names (public and private) "correctly".
dnsmasq is relatively simple, can act as caching DNS server, and resolve private names too.
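
Added example (not written by any poster in this thread): the setup the replies converge on, with OpenVPN pushing one resolver to clients and dnsmasq on the VPN server answering both private and public names. The file paths, the 10.8.0.0/24 tunnel subnet, the upstream resolver address and the record's IP are assumptions or constructed placeholders.

```conf
# --- OpenVPN server config (assumed path: /etc/openvpn/server/server.conf) ---
# Assumed tunnel subnet; the server end of the tunnel is then 10.8.0.1.
server 10.8.0.0 255.255.255.0
# Tell clients to use the resolver running on the VPN server while connected.
push "dhcp-option DNS 10.8.0.1"
# Optional search suffix so short names under the private domain resolve.
push "dhcp-option DOMAIN mycompany"

# --- dnsmasq config (assumed path: /etc/dnsmasq.d/vpn.conf) ---
# Answer only on the tunnel address, never on the VPS's public interface,
# so the server does not become an open resolver.
listen-address=10.8.0.1
# The tun device appears only after OpenVPN starts; bind-dynamic lets
# dnsmasq pick the address up when it shows up.
bind-dynamic
# Do not take upstreams from /etc/resolv.conf; name them explicitly.
no-resolv
# Placeholder upstream for public names; replace with your real resolver.
server=192.0.2.53
# Names under the private domain are answered locally and never forwarded,
# so internal hostnames do not leak to the upstream resolver.
local=/mycompany/
# Constructed record for the hostname from the question.
host-record=ftp.development.mycompany,10.8.0.1
# Do not forward plain (dotless) names or private reverse lookups upstream.
domain-needed
bogus-priv
```

Because this one server answers every query, it satisfies the /etc/resolv.conf behaviour TrevorH describes. Linux OpenVPN clients generally need an up/down script to write the pushed DNS option into their resolver configuration.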