  1. #1
    New Nord tunnel, DNS resolution on OpenVPN not working

    Hello,
    Been tinkering with getting a Nord tunnel VPN going. Think I got everything set, IPs check out and there don't appear to be any DNS leaks.
    One thing I wanted to throw out there in case it is an issue is the DNS servers. I have a Windows domain behind the Untangle box. It's been long enough, I can't remember the exact scenario, but I have Google's DNS entries in for forwarders on the Windows DNS server. I had tried to mess with port forwarding on the Untangle side to point to the Nord DNS server but it kept flaking out. Had to match the 8.8.8.8 the Windows side uses and have the port forwarding go to that.
    Can anyone see an issue with using Google's DNS server vs Nord's?

    Second, I have OpenVPN clients connecting in. It seems on Windows clients, I don't have any issues, but on Mac clients while on an OpenVPN connection I can't resolve anything. Can't see anything different in the OpenVPN config side between a Windows or Mac machine.

    ***Off VPN***
    Macbooks-Air:~ macbookair$ nslookup nhb-dc.nhbnet.org
    Server: 10.10.30.29
    Address: 10.10.30.29#53

    Name: nhb-dc.nhbnet.org
    Address: 10.10.30.29
    ***On VPN***
    Macbooks-Air:~ macbookair$ nslookup nhb-dc.nhbnet.org
    Server: 172.16.0.1
    Address: 172.16.0.1#53

    ** server can't find nhb-dc.nhbnet.org: NXDOMAIN

    Anyone have any words of wisdom on what may need to happen to get the Macs to resolve with the Windows DNS server?

    Thanks

  2. #2
    If DNS is resolving anywhere other than NordVPN, you have a leak. What is serving DNS for all your clients currently? Untangle or MSDNS? I assume it's a domain controller. Do you have just one LAN subnet?

  3. #3
    Quote, originally posted by MP715:
    If DNS is resolving anywhere other than NordVPN, you have a leak. What is serving DNS for all your clients currently? Untangle or MSDNS? I assume it's a domain controller. Do you have just one LAN subnet?

    Yes, the DC is running the DNS show. I have 6 different VLANs for various things. MSDNS resolves internally then forwards to Google 8.8.8.8 for external queries.
    I've actually backtracked on this since after trying to route all traffic through the VPN, apps like AppleTV/Netflix wouldn't connect and this DNS issue. Ended up doing selective tagging on hosts to go through the VPN so stuff like the TV would work.
    Just haven't had the time to get back on here until this morning.

  4. #4
    Quote, originally posted by militarymedic23:
    Yes, the DC is running the DNS show. I have 6 different VLANs for various things. MSDNS resolves internally then forwards to Google 8.8.8.8 for external queries.
    I've actually backtracked on this since after trying to route all traffic through the VPN, apps like AppleTV/Netflix wouldn't connect and this DNS issue. Ended up doing selective tagging on hosts to go through the VPN so stuff like the TV would work.
    Just haven't had the time to get back on here until this morning.

    When connected to the VPN, you want to be forwarding all your DNS traffic to Nord's DNS servers. NordVPN's DNS server addresses are 103.86.96.100 and 103.86.99.100. I use a port forward to accomplish this. Well, actually now I send everything to AdGuard and then AdGuard forwards to Nord's DNS. So, if you want DNS to work over VPN, create a rule in your Tunnel app to forward traffic from your MSDNS server's IP to Any available Tunnel (unless MSDNS is in a VLAN you're already pushing through a tunnel). Change your forward in MSDNS from Google to Nord's DNS. Afterwards, you can check your Sessions page to make sure they're going over the tunnel. Once this is done, your TVs, Netflix, PrimeVideo, etc. should work.
    Last edited by MP715; 08-29-2022 at 01:16 PM.
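
The resolver check discussed in posts #2 and #4, as an added example that is not part of the original thread: it reads nslookup output, extracts the server that answered, and classifies it using the thread's definition of a leak. The function names and the treatment of RFC 1918 addresses as "internal" are assumptions of this example; the second sample is constructed.

```shell
# Added example (not from the thread): which resolver answered, and is it on the tunnel?
NORD_DNS="103.86.96.100 103.86.99.100"   # addresses given in post #4

# Print the address from the "Server:" line of nslookup output on stdin.
resolver_of() { awk '$1 == "Server:" { print $2; exit }'; }

# tunnel = VPN provider's resolver; internal = RFC 1918 address (gateway or DC,
# whose own forwarders need the same check); leak = any other public resolver.
classify_resolver() {
    for ip in $NORD_DNS; do
        if [ "$1" = "$ip" ]; then echo tunnel; return 0; fi
    done
    case "$1" in
        "") echo unknown ;;
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) echo internal ;;
        *) echo leak ;;
    esac
}

# Read nslookup output on stdin; print "<resolver> <class> <status>".
report() {
    out=$(cat)
    addr=$(printf '%s\n' "$out" | resolver_of)
    case "$out" in *NXDOMAIN*) status=nxdomain ;; *) status=answered ;; esac
    echo "$addr $(classify_resolver "$addr") $status"
}

# The on-VPN output quoted in the first post.
sample_vpn() {
cat <<'EOF'
Server: 172.16.0.1
Address: 172.16.0.1#53

** server can't find nhb-dc.nhbnet.org: NXDOMAIN
EOF
}

# Constructed sample: a public name answered directly by a public resolver.
sample_public() {
cat <<'EOF'
Server: 8.8.8.8
Address: 8.8.8.8#53
Name: example.com
Address: 192.0.2.10
EOF
}

sample_vpn | report; sample_public | report
```

An "internal" result only says the client asked a private address; with MSDNS forwarding to 8.8.8.8 as described in post #3, the same check has to be run on the DNS server's own upstream, or confirmed on the Sessions page as post #4 suggests.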
