Many streaming services implement DNS check and block any user with IP and DNS in different geo locations. Unfortunately, the ibVPN app in ClearOS suffers from a DNS leak, which renders it useless with many video streaming providers.
I check the DNS leak using dnsleak.com and dnsleaktest.com. There is always a leak when connecting via ClearOS. No leak appears when connecting directly from a client computer using ibVPN's ovpn configuration file. Attached are the /etc/clearos/ibvpn.d/ibvpn.ovpn from ClearOS and ibVPN_reference.ovpn for comparison.
I tried to solve the leak in ClearOS by using ibVPN DNS in Network -> IP Settings -> Network -> DNS, but without success. The DNS server I entered only appears as one of many servers used for resolving names.
I also edited /etc/resolv.conf in ClearOS by commenting out "nameserver 127.0.0.1" and by forcing another nameserver, but the leak is always there.
There are scripts in github, such as this one, for OpenVPN to prevent the leak but I'm not sure if they are compatible with ClearOS.
So, any suggestions to solve this issue?
Thank you.
I check the DNS leak using dnsleak.com and dnsleaktest.com. There is always a leak when connecting via ClearOS. No leak appears when connecting directly from a client computer using ibVPN's ovpn configuration file. Attached are the /etc/clearos/ibvpn.d/ibvpn.ovpn from ClearOS and ibVPN_reference.ovpn for comparison.
I tried to solve the leak in ClearOS by using ibVPN DNS in Network -> IP Settings -> Network -> DNS, but without success. The DNS server I entered only appears as one of many servers used for resolving names.
I also edited /etc/resolv.conf in ClearOS by commenting out "nameserver 127.0.0.1" and by forcing another nameserver, but the leak is always there.
There are scripts in github, such as this one, for OpenVPN to prevent the leak but I'm not sure if they are compatible with ClearOS.
So, any suggestions to solve this issue?
Thank you.
In ibVPN
Share this post:
Responses (3)
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
I have a thought/suggestion for Darryl.
First, can you tell me if you are using ClearOS as your DNS server? If so, I don't think the routing script, /etc/clearos/ibvpn.d/route-down.sh, is going to work for DNS as I think the requests will be serviced by ClearOS before they get routed to ibVPN. Can you try overriding your client DNS servers to GoogleDNS (8.8.8.8 and 8.8.4.4) or OpenDNS and then testing for the leak?
@Darryl, is a PREROUTING firewall script needed to redirect DNS lookups to a DNS server specified in in the ibvpn_clearos.ovpn file or to anywhere to prevent ClearOS doing the lookup? This will mess up LAN lookups but may prevent the leaks.
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »