cford1905 0 Posted ... I recently got AirVpn up and running on pfsense router using an awesome guide written by by pfsense_fan. Everything was working great until today. This morning I installed Squid and Squidguard and since then I have a DNS leak. Is it possible that Squid (set up only on my VPN_LAN) is using a different DNS? Before installing Squid I had no such issues. I first noticed it when running a speed test and it selected a server that was based on my physical location and not my VPN's IP. Any advice that can be offered would be greatly appreciated. -cford Quote Share this post Link to post
Lee47 23 Posted ... Best to keep it within the pfsense thread you may wish to repost there you may get a few more replies back. I do not have squid installed on my pfsense build but have suffered from speedtest displaying my real location on the map issue it was a combination of problems. *Go through the guide one step at a time and make sure all settings are correct, I noticed few mistakes which lead to speedtest showing my real location.* Try another Air VPN server, no idea why but when I tried connecting to say France or other euro servers other then netherlands, speedtest started to show the correct place on the map.*You may need to disable geo location within your web browser check here: (do it too all your browsers installed)http://www.makeuseof.com/tag/disable-fake-location-firefox-internet-explorer-chrome/ Overall its a bit of a headache but check with Ipleak and click geolocation button it should say something like it could not find or not supported by browser, and of course check with speedtest website hopefully it shows the air vpn servers exit location and not your actual one ! Quote Share this post Link to post
zhang888 1066 Posted ... I will add a small note on the pfSense thread regarding how to completely prevent DNS leaks on pfSense.The idea is adding a global pf rule that will catch all connections to any destination udp/53 and will push themto the local dns resolver (which can be Air's DNS or DNScrypt).That way no package or daemon, or LAN clients will be able to bypass the DNS settings and query any 3dparty DNS server.Those requests will be intercepted by the rule and routed to the local resolver, which will then make a properrequest without any leaks. Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post