basilverthorn
Nov 06, 2025 · Tutor
XR1000 Enabling VPN service stops internet / DNS from working.
Items I have tried (more than twice each):
- Reflashed firmware
- Factory default through web browser
- Factory default using reset button
- Created VPN on different ports using UDP
- All three options fo...
avalynn
Nov 11, 2025 · Tutor
Hey basilverthorn,
Ugh, that’s a nasty combo — DHCP + OpenVPN + DDNS killing DNS resolution across both XR1000s? Super suspicious, and you’ve already ruled out the usual suspects (resets, ports, firmware flashes). The fact it works fine with PiHole handling DHCP tells us the router’s getting confused in the DNS handoff when OpenVPN spins up. This is a known gremlin in DumaOS — the VPN server can hijack or stall the internal DNS proxy, especially when DHCP is also active on the router.
Here’s what’s likely happening: When OpenVPN starts, it tries to push its own DNS settings or conflicts with the router’s resolver. With DHCP enabled, clients expect the router to handle DNS, but the service crashes silently — no resolution, no logs. You can still ping IPs because that bypasses DNS entirely.
Quick Fixes to Try (No PiHole Needed)
- Force DNS in LAN Settings
  Go to Advanced > Setup > LAN Setup. Under Domain Name Server (DNS) Address, select Use These DNS Servers. Enter:
  - Primary: 8.8.8.8
  - Secondary: 1.1.1.1
  Apply, then re-enable OpenVPN. This skips the router’s broken DNS relay.
- Change OpenVPN DNS Push
  In VPN > OpenVPN Server > Advanced:
  - Check Push DNS to clients
  - Set DNS to 8.8.8.8 and 1.1.1.1
  This overrides any bad defaults.
- Use a Different Subnet for VPN Clients
  Under OpenVPN config:
  - Change Client IP Address Pool to 10.8.1.0/24 (or anything not overlapping your LAN)
  Sometimes 10.8.0.0 conflicts internally.
- Disable DDNS Temporarily
  You said DDNS + DHCP + OpenVPN = fail. Try:
  - Enable OpenVPN + DHCP
  - Disable DDNS
  Does DNS survive? If yes — DDNS update script might be triggering a resolver restart bug.
Long-Term: Keep PiHole, Ditch Router DHCP
You’re already golden with PiHole doing DHCP — keep it that way. Let the XR1000 be a pure router/AP:
- Disable DHCP on XR1000
- Let PiHole assign IPs + DNS
- OpenVPN runs fine, no conflicts
- Bonus: Better ad blocking, logs, control
If Nothing Works
This is 100% a firmware bug. File a ticket with Netgear:
“XR1000 OpenVPN Server breaks DNS resolution when DHCP is enabled. Repro: Factory reset → Enable DHCP → Enable DDNS → Enable OpenVPN Server → DNS fails. Works if any one is disabled. Confirmed on two units, multiple firmwares.”
Include:
- Firmware versions
- Exact steps
- nslookup output from a client when broken
They’ve patched this before — your case is textbook.
For now: PiHole DHCP + forced DNS = stable. You’re good. Twingate’s cool, but you shouldn’t need it.
Let me know your firmware versions — might be a known bad build.
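An added example (not part of the posts above and not NETGEAR code): a client-side probe for the symptom described in this thread, where IP addresses stay reachable but names stop resolving. It sends the same A query to the router's DNS relay and to 8.8.8.8 and reports which one answers; the router address 192.168.1.1 is an assumed default, so pass your own LAN gateway as the first argument.

```python
import socket
import struct
import sys

QID = 0x1234  # fixed query id so the reply can be matched to the request

def build_query(name, qid=QID):
    """Encode a minimal DNS A/IN query (RFC 1035) with recursion desired."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)

def parse_reply(data, qid=QID):
    """Reduce a raw reply to 'ok', 'empty', 'rcode=N' or 'malformed'."""
    if len(data) < 12:
        return "malformed"
    rid, flags, _qd, ancount = struct.unpack(">HHHH", data[:8])
    if rid != qid or not flags & 0x8000:  # wrong id or not a response
        return "malformed"
    rcode = flags & 0x000F
    if rcode:
        return f"rcode={rcode}"  # 2 = SERVFAIL, 3 = NXDOMAIN, 5 = REFUSED
    return "ok" if ancount else "empty"

def probe(server, name="example.com", timeout=2.0):
    """Query one resolver over UDP/53 and return its status string."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return "timeout"  # a silently stalled relay shows up here
        except OSError as exc:
            return f"error:{exc.errno}"
    return parse_reply(data)

def classify(router, public):
    """Combine both probe results into one finding for a support ticket."""
    if router == "ok":
        return "router DNS relay healthy"
    if public == "ok":
        return "router DNS relay failing; upstream DNS reachable"
    return "no resolver answered: check WAN/routing, not only the relay"

if __name__ == "__main__":
    router_ip = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"  # assumed
    r, p = probe(router_ip), probe("8.8.8.8")
    print(f"router {router_ip}: {r}\npublic 8.8.8.8: {p}\n=> {classify(r, p)}")
```

Run it once with OpenVPN disabled and once with it enabled, and attach both outputs alongside the nslookup capture.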
ross8888
Nov 11, 2025 · Aspirant
Hey! That setup can really mess with the XR1000’s DNS; PiHole working shows it’s a router-side issue. A quick fix is forcing DNS in the LAN settings or tweaking OpenVPN’s pushed DNS. Long-term, keeping PiHole for DHCP and letting the router just handle routing seems to be the smoothest solution.
- basilverthorn · Nov 11, 2025 · Tutor
It has worked perfectly before, I agree.
But no reason I should not be able to have DHCP, DDNS and OpenVPN all done by my router. I see no options under OpenVPN, I wish there was unless I am missing something someplace.
- avalynn · Nov 12, 2025 · Tutor
Hey! Spot on — PiHole stepping in proves the XR1000’s DNS proxy is the weak link when OpenVPN and DHCP team up. Forcing external DNS (like 8.8.8.8/1.1.1.1) in LAN Setup or via OpenVPN’s Push DNS usually patches it quick. But yeah, the cleanest long-term win is letting PiHole own DHCP — router just routes, VPN runs happy, no more silent crashes. Solid workaround till Netgear squashes the bug.