airvpn with openvpn in openwrt router

dns router server openwrt openvpn

4 replies to this topic

#1 mimosa67


Posted 05 January 2018 - 08:20 PM

I normally use AirVPN with openvpn in my computer, with openresolv to allow openvpn to connect to the server then change the DNS so it is tunnelled through the VPN connection. The openvpn config file I downloaded specifies a country, not a particular server, so DNS resolution is needed initially to make the connection.

 

However I am interested in putting the VPN inside a router instead, and I have been experimenting.

 

Looking at the instructions for dd-wrt and here:

https://airvpn.org/topic/14378-how-can-i-get-vpn-servers-entry-ip-addresses/

 

it seems it will not be possible to continue using my existing per-country configuration, as I need to give a specific IP address, ie choose just one server (and edit the .ovpn file accordingly).

 

At the moment, I am using an OpenNIC DNS server in parallel with the VPN one instead, but I'd rather not continue to do this. Am I right in thinking each query goes to both DNS servers (rather than using the second one only if the first doesn't return an IP address)?

 

Is there a way to select a country or region, rather than a specific AirVPN server, in this situation? I want to continue using openvpn manually as I understand and trust this method. I am also more familiar with the command line (ssh into the router) than LEDE/OpenWRT, which is new to me.



#2 mimosa67


Posted 10 January 2018 - 04:12 PM

To put my question more succinctly (my only justification for bumping): how can I best ensure DNS queries are sent through the VPN tunnel, if I am running AirVPN on a router?

 

In a desktop, I use resolvconf to achieve this. The VPN server IP is initially resolved by my ISP's DNS server. Once the VPN connection is up, queries are routed through it.



#3 go558a83nk


Posted 10 January 2018 - 04:18 PM

dd-wrt doesn't have an option to switch to DNS of the VPN upon connection? Tomato does, so does merlin-asus.

Point is, you know the DNS request is going through the VPN tunnel if you're using 10.x.0.1 for DNS server.

Or, if dd-wrt has policy routing you can create rules such that any traffic to DNS servers you specify (opennic) has to go through the VPN tunnel.



#4 mimosa67


Posted 10 January 2018 - 05:53 PM

> you know the DNS request is going through the VPN tunnel if you're using 10.x.0.1 for DNS server.

But then how does the router connect to the VPN in the first place? The dd-wrt howto recommends using the IP address of a single server in the .ovpn file, so no DNS resolution is required. But isn't there a way round that, just as there is with a desktop computer (using openresolv)? As I said above, I am using OpenWRT, not dd-wrt, but I looked at the howto for that. The details are surely different, but the situation and basic principles must be the same.

> if dd-wrt has policy routing you can create rules such that any traffic to DNS servers you specify (opennic) has to go through the VPN tunnel.

That sounds like a possible answer to the problem. So how do you do that?

In case it is not obvious, I should perhaps say I am new to this. This is my first attempt at making a VPN router. Using AirVPN with openvpn on a Linux desktop is so straightforward that doing so for a year or two has taught me next to nothing about networking.



#5 go558a83nk


Posted 10 January 2018 - 06:18 PM

> > you know the DNS request is going through the VPN tunnel if you're using 10.x.0.1 for DNS server.
>
> But then how does the router connect to the VPN in the first place? The dd-wrt howto recommends using the IP address of a single server in the .ovpn file, so no DNS resolution is required. But isn't there a way round that, just as there is with a desktop computer (using openresolv)? As I said above, I am using OpenWRT, not dd-wrt, but I looked at the howto for that. The details are surely different, but the situation and basic principles must be the same.
>
> > if dd-wrt has policy routing you can create rules such that any traffic to DNS servers you specify (opennic) has to go through the VPN tunnel.
>
> That sounds like a possible answer to the problem. So how do you do that?
>
> In case it is not obvious, I should perhaps say I am new to this. This is my first attempt at making a VPN router. Using AirVPN with openvpn on a Linux desktop is so straightforward that doing so for a year or two has taught me next to nothing about networking.

I'm unfamiliar with dd-wrt so I'm not much practical help, just idea help. :)

My point re 10.x.0.1 is that you wouldn't need to do anything special to force DNS requests to that address through the tunnel because through the tunnel is the only way it can be reached.  I understand that using only that IP as DNS prevents you from resolving the country address when the tunnel isn't up.

 

If dd-wrt doesn't support policy routing or a way to switch DNS to VPN DNS, then my suggestion is to search for the best current tomato distribution and use that, for I know it has an option to switch DNS to the VPN.  That was years ago when I used it, so I'm no help now.  Or, if you have an Asus router, use merlin-asus firmware.
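
Added example, not part of any post in this thread: an OpenVPN up/down hook for OpenWrt that does what openresolv does on the desktop, leaving the ISP resolver in place until the tunnel is up and then handing dnsmasq only the DNS servers the VPN pushed. The file paths are assumptions (hypothetical, adjust to the router), as is the assumption that the VPN server pushes `dhcp-option DNS`.

```shell
#!/bin/sh
# OpenVPN up/down hook (example code, not from the thread).
# Assumed paths, hypothetical; adjust to the router's firmware version:
RESOLV_VPN="${RESOLV_VPN:-/tmp/resolv.conf.vpn}"   # used while the tunnel is up
RESOLV_WAN="${RESOLV_WAN:-/tmp/resolv.conf.auto}"  # ISP resolvers from the WAN side

# Print one address per line for every "dhcp-option DNS <ip>" the server
# pushed. OpenVPN exports pushed options as foreign_option_1, _2, ...
pushed_dns() {
    i=1
    while :; do
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        i=$((i + 1))
        case "$opt" in
            "dhcp-option DNS "*) ip=${opt#dhcp-option DNS } ;;
            *) continue ;;
        esac
        # The value comes from the remote server: accept address characters only.
        case "$ip" in *[!0-9a-fA-F.:]*) continue ;; esac
        echo "$ip"
    done
}

# Write a resolv file holding only the pushed servers. Fails when nothing
# usable was pushed, so an empty file is never swapped in.
write_vpn_resolv() {
    servers=$(pushed_dns)
    [ -n "$servers" ] || return 1
    for s in $servers; do echo "nameserver $s"; done > "$1"
}

# Point dnsmasq (the resolver LAN clients use) at the given resolv file.
point_dnsmasq_at() {
    uci set "dhcp.@dnsmasq[0].resolvfile=$1"
    uci commit dhcp
    /etc/init.d/dnsmasq restart
}

# OpenVPN sets script_type to "up" or "down" when it runs the hook.
case "${script_type:-}" in
    up)   write_vpn_resolv "$RESOLV_VPN" && point_dnsmasq_at "$RESOLV_VPN" ;;
    down) point_dnsmasq_at "$RESOLV_WAN" ;;
esac
```

Reference the script from the .ovpn file with `script-security 2` plus `up` and `down` directives pointing at wherever it is saved. The country hostname in the `remote` line is still resolved by the ISP resolver, because the swap only happens after the tunnel is established.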






