I tried following setup and it works: Install AdGuard Home Install VPN app in same cloudron In VPN app, set DNS to public IP of cloudron (where AdGuard is installed). Connected from linux I can see all DNS requests are going via AdGuard. I can see that in systemctl status systemd-resolved the DNS of tun0 is set correctly.

Ah, I see why. You are referring to OpenVPN AS maybe - https://openvpn.net/vpn-server-resources/limitations-of-an-unlicensed-openvpn-access-server/ ? @santabroo the OpenVPN app on Cloudron is completely different from OpenVPN AS. The OpenVPN UI was initially written by @mehdi, further developed now by the Cloudron team and not feature compatible or comparable with OpenVPN AS.

@santabroo No. VPNs are point-to-point. What you may be wanting is a Tailscale/Headscale type solution that is a VPN mesh concept (not-point to-point).

I continued debugging the issue and fortunately, I finally found the root cause and solution. Turns out the Ubuntu client wasn't updating the DHCP settings automatically, so I added the following lines to the ovpn file: up /etc/openvpn/update-systemd-resolved down /etc/openvpn/update-systemd-resolved And also installed the following dependencies: sudo apt install resolvconf openvpn-systemd-resolved With that, I was able to solve the issue and now all the clients are resolving automatically.

@girish That's excellent news indeed!

@archos Do what most other sensible IT Pros do: Disable IPv6 for as long as possible

I would be fantastic to integrate other apps to "require Cloudron VPN connection" in order to access them. It would solve many of our problems.

This seems to have resolved the issue. Many thanks

I can see 3,4 being generally useful to have. 1,2 are for service providers. Happy to accept any PRs at https://git.cloudron.io/cloudron/openvpn-app . This has the complete app along with the UI.

@RazielKanos they should be in log viewer (atleast whatever openvpn writes out). Maybe you can turn up the log level for more output.

Maybe @mehdi has some ideas here since he wrote the initial app. If I understand correctly, you are trying to put the OpenVPN certs into openwrt and this somehow leaks DNS. How are you testing this?

Fixed with latest package version now.

Thx a lot, I can try it but is there any way someone can create a package? Not for free for sure..

@girish, good day. sorry, should have said, fixed. i was using the same subdomain name as before the reinstall and for whatever reason that stopped everything from working.

@nebulon Update: after restarting the OpenVPN App, it connects and verifies TLS just fine. Shrug, restart fixed it.

@nebulon said in Making User Admin in config.ini: @aessen yes it has to be the Cloudron user's username. OMG you rock, all of you. That worked and it also helps me better understand the proper syntax for code like this. Many thanks.

Hijacking this thread. I don't think. it's currently possible to do port forwarding, is it? Use case is: I would like to conect a raspberry pi running yunohost at home to the vpn to get a static IP address which I won't get at home.

@girish Thank you, all looking good so far!

Would be good if you guys put a note on which clients have this issue. See https://community.openvpn.net/openvpn/wiki/IPv6#Clientissues for OpenVPN/IPv6 issues. I mostly only tested only on Linux and it works there.