Search the Community
Showing results for tags 'DNS resoulver'.
Found 1 result
If you are looking on how to configure AirVPN on pfSEnse, please follow this great post The following are just a few changes I made that worked for me and that might help someone with the same problems I had. Mostly, avoiding a DNS leak. Note that I am not an expert so anyone is welcome to comment if you think I'm doing something wrong. What follows is just a patch of multiple ideas on the net that led me to a working solution. 1. Create the VPN Certificates you need Go to AirVPN and download a config file (.ovpn) https://airvpn.org/generator/ Now go to pfSense and create a CA for AirVPN Descriptive name: [AirVPN CA] Method: [import an existing Certificate Authority] Certificate data: [Open .ovpn file and insert data found between <ca> and </ca>] Save Now open the Certificates tab and create a new certificate Method: [import an existing certificate] Descriptive name: [AirVPN Client] Certificate data: [Open .ovpn file and insert data found between <cert> and </cert>] Private key data: [Open .ovpn file and insert data found between <key> and </key>] 2. Create an OpenVPN connection https://rtr.noh.lan/vpn_openvpn_server.php Follow the document mentioned above and make the following modifications to it, Go to the Clients tab and make sure that: - You use an IP as the Server host to make sure you can re-connect if the line goes down. If the DNS you use is the one from AirVPN, the VPN connection has to be up before you can access it... - Add the following options: server-poll-timeout 10; explicit-exit-notify 5; auth-nocache mlock; fast-io; key-direction 1; prng SHA512 64; tls-version-min 1.2; key-method 2; tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384; tls-timeout 2; remote-cert-tls server; remote 188.8.131.52 443 # no.vpn.airdns.org remote 184.108.40.206 443 # no.vpn.airdns.org remote 220.127.116.11 443 # ro.vpn.airdns.org remote 18.104.22.168 443 # ro.vpn.airdns.org The "remote" entries allow your VPN to connect to another server if the VPN connection drops. 3. The resolver settings I have General Settings Enable: [X] Listen Port: [Blank] Network Interfaces: [LAN] + any other local network you may have Outgoing Network Interfaces: [Your VPN Interface] System Domain Local Zone Type: [Transparent] DNSSEC: [X] DNS Query Forwarding: [ ] DHCP Registration: [ ] Static DHCP: [X] OpenVPN Clients: [ ] Custom options: forward-zone: name: "." forward-addr: 10.4.0.1 Note that the Custom settings forward to an AirVPN internal DNS. Depending on the type of connection you use, the IP will change so check our it will fail. Advanced Settings Hide Identity: [x] Hide Version: [X] Prefetch Support: [X] Prefetch DNS Key Support: [X] Harden DNSSEC Data: [X] Serve Expired : [ ] The rest I have left as default. Now go to DNSLeakTest and test! I hope this helped someone.