anon1701 0 Posted ... In https://airvpn.org/specs/ it states: "However, we recommend that your machine accepts the DNS push from our servers. If that's not possible, then we suggest to set the DNS IP address matching the VPN gateway IP address, as this is the safest method to prevent certain attacks based on hijacking." Which address is the "VPN gateway IP address" ? Is this the address I connect my client to? Is this the 10.x.y.z labelled as "Your VPN IPv4"? Or (and I think this is unlikley) the "Exit IPv4"? I am trying to work through an issue with running multiple tunnels (in case one fails) and at the moment my firewall won't tell me what the IP DNS settings are that I may or may not get from AirVPN. Quote Share this post Link to post
OpenSourcerer 1441 Posted ... 18 hours ago, anon1701 said: I am trying to work through an issue with running multiple tunnels (in case one fails) and at the moment my firewall won't tell me what the IP DNS settings are that I may or may not get from AirVPN. Then let's tackle this issue instead, as your question is a typical setup for the XY problem. What do you really want to do? Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
anon1701 0 Posted ... What I want to do is only access DNS via the VPN. I have three tunnels running in case of failure of one (or more) tunnels. Two tunnels are specific servers, the third is a country wide DNS - so I don't know which server will be accessed. I cannot assign 10.4.0.1 as DNS on all 3 interfaces - so if a server has a specific IP for DNS then I can use that one for the two specific tunnels and 10.4.0.1 for the third. This way I can define exactly what I want to happen - and know that it is happenning rather than relying on what I think is happenning. I know there are other ways of doing this using PBR - to force DNS requests down the active VPN gateway - but thats for the future once I know what is happenning. I am currently using opnsense - but may later switch to pfsense (I am testing and playing) Quote Share this post Link to post
OpenSourcerer 1441 Posted ... 14 hours ago, anon1701 said: I cannot assign 10.4.0.1 as DNS on all 3 interfaces Is that a technical limitation, or your own? Because 10.4.0.1 and whatever DNS server address is pushed are the same DNS servers. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post