By: eps

OpenVPN Connection fails with DNSMasq (pi-hole)

February 18, 2017
Applications DNS Firewall VPN Ubuntu 16.04

Hi,

I have a VPS running an OpenVPN server. The VPN works fine before adding pi-hole and rebooting.

I set up the OpenVPN server using this guide: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04

I set up pi-hole with this: https://www.cyberciti.biz/faq/ubuntu-linux-install-pi-hole-with-a-openvpn/

Once I install pi-hole, it works fine. The VPN still works, and I can access the pi-hole admin page from my client connection. But once I reboot the server, and then connect to the VPN, all DNS lookups fail. I also cannot ping an IP from my client while connected to the VPN after the server reboot.

For the life of me I can't figure out what's causing the issue. The firewalls seem fine. OpenVPN is pushing the DNS to the local IP.

Before restarting the server, I restarted the firewall and OpenVPN. It still worked then. So I can't figure out what a server reboot would have done to make the VPN connection fail.

Thanks in advance for your help.

OpenVPN server.cfg

port 443
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.8.0.1"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC   # AES
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun

UFW OpenVPN rules

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o ens3 -j MASQUERADE
COMMIT
# END OPENVPN RULES
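
A static cross-check of the two files posted above, as an added example that is not part of the original post: it confirms that the pushed DNS address is the server's tunnel address and that the MASQUERADE source covers the VPN subnet. The function names are hypothetical, and it assumes the resolver runs on the VPN server itself, as in this setup.

```python
import ipaddress
import re

# Settings copied from the post: server.cfg lines and the UFW NAT rule.
SERVER_CFG = '''server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.8.0.1"
'''
NAT_RULE = "-A POSTROUTING -s 10.8.0.0/8 -o ens3 -j MASQUERADE"


def vpn_subnet(cfg):
    """Network from the 'server <net> <mask>' directive."""
    m = re.search(r"^server\s+(\S+)\s+(\S+)", cfg, re.M)
    if m is None:
        raise ValueError("no 'server' directive found")
    return ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")


def pushed_dns(cfg):
    """Every resolver address pushed with 'dhcp-option DNS'."""
    hits = re.findall(r'^push\s+"dhcp-option\s+DNS\s+([^"\s]+)"', cfg, re.M)
    return [ipaddress.ip_address(h) for h in hits]


def nat_source(rule):
    """Effective source network of the rule, and whether -s had host bits set."""
    m = re.search(r"-s\s+(\S+)", rule)
    if m is None:
        raise ValueError("rule has no -s match")
    iface = ipaddress.ip_interface(m.group(1))
    return iface.network, iface.ip != iface.network.network_address


def audit(cfg, rule):
    """Return a list of human-readable mismatches between the two files."""
    findings = []
    subnet = vpn_subnet(cfg)
    tunnel_ip = subnet.network_address + 1  # OpenVPN server takes the first host
    for dns in pushed_dns(cfg):
        if dns != tunnel_ip:  # assumption: resolver runs on the VPN server itself
            findings.append(f"pushed DNS {dns} is not the tunnel address {tunnel_ip}")
    src, host_bits = nat_source(rule)
    if not subnet.subnet_of(src):
        findings.append(f"MASQUERADE source {src} does not cover {subnet}")
    elif src != subnet:
        note = " (host bits set in -s)" if host_bits else ""
        findings.append(f"MASQUERADE source {src} is wider than {subnet}{note}")
    return findings
```

A result with no "does not cover" or "not the tunnel address" finding only shows that the two files agree with each other; it does not inspect what is listening or loaded on the server after a reboot.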