OpenVPN with Adguard
-
@Jenova ah ok, I can clarify the docs further, after we discuss it here.
The situation is:
-
If you just install OpenVPN app, there is a built-in dns server. This built-in DNS server lets devices identify other devices on the VPN.
-
There is an option to set some other DNS server. This DNS server can be Google's DNS, Cloudflare's DNS, Pi-Hole, AdGuard DNS server etc. Now, it just happens that we have an AdGuard Home app on Cloudron. If that is what you want to use, you would use the IP address of the app (i.e same as the public IP of the server).
I guess the confusion is that you think AdGuard is somehow built into the OpenVPN app? They are totally separate things.
-
-
@girish no. I know it's not. I just figured since I had OpenVPN and Adguard on the same server it was what caused it not to connect. I figured it was going in a loop between Adguard and OpenVPN since it was on the same server. I'll try adding it again and seeing what it does but iirc, it dosnt connect.
-
-
To add, I see the DNS being set nicely via
systemd-resolve --status
Link 15 (tun0) Current Scopes: DNS DefaultRoute setting: yes LLMNR setting: yes MulticastDNS setting: no DNSOverTLS setting: no DNSSEC setting: no DNSSEC supported: no Current DNS Server: 173.255.211.103 DNS Servers: 173.255.211.103 DNS Domain: ~. openvpn.cloudron.space
-
@Jenova which OS/client are you using ? I think it's probably some networking related issue we have to debug step by step.
-
Are you able to ping by IP address? Can you ping Cloudron server by IP ?
-
Then,
host cloudron.io adguard-ip-address
. Does this work ? -
Then, we have to figure if the openvpn client configured the OS with the right DNS server.
To test a couple of more things:
- Can you try with setting the DNS server as 8.8.8.8 (this is the Google DNS). Does that work?
-
-
I'm confused. Do you want me to run that host command in my server? Is adguard-ip-address what I should put or should I put the ip address of my server?
Ping? How do I do that?
Where am I putting the Google DNS? In my OpenVPN Settings page?
Sorry, I have literally no idea what I'm doing here and I'm actually kinda frustrated.
-
@Jenova said in OpenVPN with Adguard:
I'm confused. Do you want me to run that host command in my server? Is adguard-ip-address what I should put or should I put the ip address of my server?
Ping? How do I do that?
Where am I putting the Google DNS? In my OpenVPN Settings page?
Sorry, I have literally no idea what I'm doing here and I'm actually kinda frustrated.
Ok, so to update, i put the Google DNS inside of OpenVPN's settings and still no connection was being made
-
@Jenova Let's take a step back, I feel I made too many assumptions here.
Without any of this DNS stuff, does the OpenVPN app work for you with the defaults? I assumed it does, but I want to double check this. If it does work, can you tell me
a) where is your server hosted? Intranet or public cloud ? Anything special I need to know about the network?
b) which OS and vpn client are you connecting from ? This is important to debug further because all the commands I am giving you are for linux desktop.
-
@girish said in OpenVPN with Adguard:
@Jenova Let's take a step back, I feel I made too many assumptions here.
Without any of this DNS stuff, does the OpenVPN app work for you with the defaults? I assumed it does, but I want to double check this. If it does work, can you tell me
a) where is your server hosted? Intranet or public cloud ? Anything special I need to know about the network?
b) which OS and vpn client are you connecting from ? This is important to debug further because all the commands I am giving you are for linux desktop.
I assume Intranet. Its a VPS with HostWorld. I have no idea if there is anything you need to know about the network.
The OS on my VPS is ubuntu-20.04-x86_64 and im using Windows 11 (Insider Edition, if that makes a difference).
-
@Jenova thanks.
With the default OpenVPN app settings, please connect from Windows. After connecting, can you please check what it says the DNS server is? https://askleo.com/find-dns-server-used-pc/ says if you run
ipconfig /all
, it will display the DNS servers. Can you post what that command returns?Also, I am not a Windows expert. TBH, I haven't even used Windows in many years, but I will try my best and let's see how far we get
-
@girish said in OpenVPN with Adguard:
@Jenova thanks.
With the default OpenVPN app settings, please connect from Windows. After connecting, can you please check what it says the DNS server is? https://askleo.com/find-dns-server-used-pc/ says if you run
ipconfig /all
, it will display the DNS servers. Can you post what that command returns?Also, I am not a Windows expert. TBH, I haven't even used Windows in many years, but I will try my best and let's see how far we get
Windows IP Configuration Host Name . . . . . . . . . . . . : LAPTOP-6ELGD60J Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : lan Unknown adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Windows Adapter V9 for OpenVPN Connect Physical Address. . . . . . . . . : 00-FF-AD-F9-6D-8C DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::a5dd:8a2a:5344:20e8%11(Preferred) IPv4 Address. . . . . . . . . . . : 10.8.0.6(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 184614829 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-BC-70-C5-8C-C8-4B-15-8E-95 DNS Servers . . . . . . . . . . . : 10.8.0.1 NetBIOS over Tcpip. . . . . . . . : Enabled Wireless LAN adapter Local Area Connection* 1: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter Physical Address. . . . . . . . . : 8E-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Local Area Connection* 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2 Physical Address. . . . . . . . . : CE-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8821CE 802.11ac PCIe Adapter Physical Address. . . . . . . . . : 8C-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.200(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Tuesday, May 17, 2022 7:51:32 AM Lease Expires . . . . . . . . . . : Wednesday, May 18, 2022 7:03:45 AM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) Physical Address. . . . . . . . . : 8C-C8-4B-15-8E-96 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes
-
@Jenova said in OpenVPN with Adguard:
DNS Servers . . . . . . . . . . . : 10.8.0.1
So, the above line tells us that it got the internal DNS server correctly. So, far so good!
Next step: Disconnect from VPN. Then, go to the OpenVPN settings and put '8.8.8.8' as the DNS server. (https://docs.cloudron.io/apps/openvpn/#custom-dns-server) . Now, connect again.
Are you able to connect to VPN or is it that you are able to connect to VPN but unable to connect to any website? If you run
ipconfig /all
again now like before, what is the output ? (I am expecting the DNS Severs to be 8.8.8.8). -
@girish said in OpenVPN with Adguard:
@Jenova said in OpenVPN with Adguard:
DNS Servers . . . . . . . . . . . : 10.8.0.1
So, the above line tells us that it got the internal DNS server correctly. So, far so good!
Next step: Disconnect from VPN. Then, go to the OpenVPN settings and put '8.8.8.8' as the DNS server. (https://docs.cloudron.io/apps/openvpn/#custom-dns-server) . Now, connect again.
Are you able to connect to VPN or is it that you are able to connect to VPN but unable to connect to any website? If you run
ipconfig /all
again now like before, what is the output ? (I am expecting the DNS Severs to be 8.8.8.8).Windows IP Configuration Host Name . . . . . . . . . . . . : LAPTOP-6ELGD60J Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : lan Unknown adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Windows Adapter V9 for OpenVPN Connect Physical Address. . . . . . . . . : 00-FF-AD-F9-6D-8C DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::a5dd:8a2a:5344:20e8%11(Preferred) IPv4 Address. . . . . . . . . . . : 10.8.0.6(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 184614829 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-BC-70-C5-8C-C8-4B-15-8E-95 DNS Servers . . . . . . . . . . . : 8.8.8.8 NetBIOS over Tcpip. . . . . . . . : Enabled Wireless LAN adapter Local Area Connection* 1: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter Physical Address. . . . . . . . . : 8E-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Local Area Connection* 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2 Physical Address. . . . . . . . . : CE-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8821CE 802.11ac PCIe Adapter Physical Address. . . . . . . . . : 8C-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.200(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Tuesday, May 17, 2022 7:51:32 AM Lease Expires . . . . . . . . . . : Wednesday, May 18, 2022 7:03:45 AM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) Physical Address. . . . . . . . . : 8C-C8-4B-15-8E-96 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes
It's funny cuz now i can connect. I actually uninstalled Edge and all related software to Edge and installed Brave instead and i can connect to literally everything. I'm going to try my server again and see if i can connect now.
Edit: As expected, i cant connect.
Windows IP Configuration Host Name . . . . . . . . . . . . : LAPTOP-6ELGD60J Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : lan Unknown adapter Local Area Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Windows Adapter V9 for OpenVPN Connect Physical Address. . . . . . . . . : 00-FF-AD-F9-6D-8C DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::a5dd:8a2a:5344:20e8%11(Preferred) IPv4 Address. . . . . . . . . . . : 10.8.0.6(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : DHCPv6 IAID . . . . . . . . . . . : 184614829 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-BC-70-C5-8C-C8-4B-15-8E-95 DNS Servers . . . . . . . . . . . : 23.237.137.11 NetBIOS over Tcpip. . . . . . . . : Enabled Wireless LAN adapter Local Area Connection* 1: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter Physical Address. . . . . . . . . : 8E-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Local Area Connection* 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2 Physical Address. . . . . . . . . : CE-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Realtek RTL8821CE 802.11ac PCIe Adapter Physical Address. . . . . . . . . : 8C-C8-4B-15-8E-95 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.200(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Tuesday, May 17, 2022 7:51:32 AM Lease Expires . . . . . . . . . . : Wednesday, May 18, 2022 7:03:44 AM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Bluetooth Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) Physical Address. . . . . . . . . : 8C-C8-4B-15-8E-96 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes
-
@Jenova said in OpenVPN with Adguard:
DNS Servers . . . . . . . . . . . : 8.8.8.8
Ah nice, it does get the configuration correctly!
Its funny cuz now i can connect.
One thing to know is that these days browsers also have all sorts of DNS caching going on. So, best to restart browser to make sure we are testing things afresh.
-
@girish said in OpenVPN with Adguard:
@Jenova said in OpenVPN with Adguard:
DNS Servers . . . . . . . . . . . : 8.8.8.8
Ah nice, it does get the configuration correctly!
Its funny cuz now i can connect.
One thing to know is that these days browsers also have all sorts of DNS caching going on. So, best to restart browser to make sure we are testing things afresh.
Edited my response.
-
@Jenova said in OpenVPN with Adguard:
It's funny cuz now i can connect. I actually uninstalled Edge and all related software to Edge and installed Brave instead and i can connect to literally everything. I'm going to try my server again and see if i can connect now.
Edit: As expected, i cant connect.Can you tell me what happened between being able to connect initially and not being able to later?
In the output where you can't connect, the DNS server is wrong
23.237.137.11
.Also, out of curiosity, maybe you can also try to connect from your phone and see if you are able to connect. This will help identify if this is some openvpn client issue or some server side issue. I suspect something with Windows OpenVPN client.
-
@girish said in OpenVPN with Adguard:
@Jenova said in OpenVPN with Adguard:
It's funny cuz now i can connect. I actually uninstalled Edge and all related software to Edge and installed Brave instead and i can connect to literally everything. I'm going to try my server again and see if i can connect now.
Edit: As expected, i cant connect.Can you tell me what happened between being able to connect initially and not being able to later?
In the output where you can't connect, the DNS server is wrong
23.237.137.11
.Also, out of curiosity, maybe you can also try to connect from your phone and see if you are able to connect. This will help identify if this is some openvpn client issue or some server side issue. I suspect something with Windows OpenVPN client.
I added the IP address of where my AdGuard is hosted.
23.237.137.11 is the ip of which both Adguard and OpenVPN are hosted at so i assumed it would be what i would put in OpenVPN's DNS.
I will try tho and report back
Edit: It works flawlessly on my phone.
-
@Jenova I guess that's good news and bad news
I have to leave you on your own here, since I have no clue how Windows DNS works. See http://woshub.com/dns-resolution-via-vpn-not-working-windows/ and https://serverfault.com/questions/356115/vpn-connection-causes-dns-to-use-wrong-dns-server for maybe some ideas.