Hi Lorenz, I can across that website yesteday and although I have pfSense 2.4.3 installed (I believe it ships OpenVPN 2.4.4), I get that the option is not supported although it could be that the server onthe other end is not supporting it?
"Options error: Unrecognized option or missing or extra parameter(s) in /var/etc/openvpn/client1.conf:46: block-outside-dns (2.4.4)" Cheers Respect your privacy and that of others, don't give your data to big corporations. Use alternatives like Signal (https://whispersystems.org/) for your messaging or Diaspora* (https://joindiaspora.com/) for your social networking. Il 06/05/2018 09:29, Lorenz Schori ha scritto: > Hi, > > Only covering b). > > On Sun, 6 May 2018 03:30:32 +0100 > Antonio <[email protected]> wrote: > >> b) *OpenVPN Clients* - this seems to be a new option that wasn't >> covered in Marks video. Nor is there reference to this in the pfSense >> book. > This was introduced in 2.4.3. see: > https://redmine.pfsense.org/issues/6847 > > It basically makes it easy to connect to OpenVPN clients in the field > from your LAN using the name from their client certificate. This is the > exact opposite most people are doing with their VPNs. > >> Is this the magic setting that forces DNS resolver to route DNS >> querries through the VPN tunnel? >> **Although from the description in >> pfSense this doesn't look like what I'm after.** > There is actually a magic feature in OpenVPN >= 2.3.9 > See: https://dnsleaktest.com/how-to-fix-a-dns-leak.html > > Not sure whether this works for every client OS though. I recommend to > test this thoroughly if your security / security of your clients depends > on it. > > Cheers, > Lorenz _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
