OpenVPN Connection fails with DNSMasq (pi-hole)

Posted February 18, 2017 4.9k views
DNSFirewallVPNApplicationsUbuntu 16.04


I have a VPS running an OpenVPN server. The VPN works fine before adding pi-hole and rebooting.

I set up the OpenVPN server using this guide:

I set up pi-hole with this:

Once I install pi-hole, it works fine. The VPN still works, and I can access the pi-hole admin page from my client connection. But once I reboot the server, and then connect to the VPN, all DNS lookups fail. I also cannot ping an IP from my client while connected to the VPN after the server reboot.

For the life of me I can’t figure out what’s causing the issue. The firewalls seem fine. OpenVPN is pushing the DNS to the local IP.

Before restarting the server, I restarted the firewall and OpenVPN. It still worked then. So I can’t figure out what a server reboot would have done to make the VPN connection fail.

Thanks in advance for your help.

OpenVPN server.cfg

port 443
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh2048.pem
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS"
keepalive 10 120
tls-auth ta.key 0 # This file is secret
key-direction 0
cipher AES-128-CBC   # AES
auth SHA256
user nobody
group nogroup

UFW OpenVPN rules

# NAT table rules
# Allow traffic from OpenVPN client to eth0

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

Did you find a solution? Facing the same issues myself…

Connect to you server via web console and add rules to ufw firewall

sudo ufw allow proto udp from to port 53

sudo ufw allow proto tcp from to port 53

sudo ufw allow proto tcp from to port 80

Reboot server

sudo reboot

At the end reconnect your clients.