I have enabled VPN server on the Orbi router and i am able to connect to it from both my Mac and my iPhone. However, i am having issue with the VPN service not pushing its DNS to either the Mac or the iPhone. When i am at work, my Mac receives an IP address and also a set of DNS from the work's DHCP server. When i open a VPN connection to my Orbi router, i expect my Mac to be updated with the DNS from the Orbi router. When i disconnect the VPN connection, i expect the DNS to be replaced by the one from work. However, that is not happening. So while i am connected to the VPN, my Mac is still using the DNS provided by my workplace's DHCP server. Is there a way to configure the Orbi router so that it pushes its DNS to the VPN client?

No one has ever encountered this?

OK, an example.By default you connect from work to your home VPN with the DNS lookup homevpn.mydomain.netYour work DNS server doesn’t have this DNS entry so it looks for it on the Internet DNS servers your work IT people have set, likely 8.8.8.8You then make a connection to the VPN which adds an IP route on your Mac so you can reach other home computers.If the DNS servers changed on your Mac to your home ones then the source lookup for homevpn.mydomain.net on the Internet would disappear and the VPN would drop.You wouldn’t be able to resolve a serverIt’s not the Orbi but the VPN client on the Mac. You need to set it to have Split Mode DNS.

The VPN service in the Orbi router (i believe this is similar to other Netgear router offering VPN service) has three options when it comes to "Clients will use this VPN connection to access": - Auto- All sites on the Internet & Home Network- Home Network When i initially set up the VPN service, i selected the "All sites on the internet & home network" because that's what i wanted. However if you choose that option, the VPN DNS is not pushed by the VPN service to replace the local DNS AFTER you have established the VPN connection. After changing the option to "Auto", the VPN service started pushing its DNS to replace the local DNS after the VPN connection is established. However now i have a different problem. My apparent IP address is still the local one assigned by my work DHCP server. So this is what happens if you choose these options for "Clients will use this VPN connection to access": Auto: Apparent IP address does not change but the DNS is replaced All sites on the Internet & Home Network: Apparent IP address does change but the DNS does not Home Network: Same as Auto

Correct. Forget Auto for a moment.You have "Home Network" which routes Internet traffic out of your works Internet pipe and any home traffic down the VPN.You have "Internet and Home Network" that only keeps a work Internet connection active purely to carry the outside VPN itself out to the Internet. Any other Internet traffic like disney.com is then routed inside the VPN down to your Orbi and will use your home Internet provider to access the web site.Auto is doing choosing "Home Network" which is what standard VPN connection do. The questions are :1. When connected to either "Home Network" or "All sites on the Internet and Home Network", are you trying to reach a server at home with a domain address such as myserver.home and cannot resolve it?2. When connected to "Home Network" you can't resolve workserver1.workdomain?Also are you using the OpenVPN Mac client? https://openvpn.net/BSG

With the "internet and home network" option, the VPN DNS is not replacing the work DNS so if i try to get to any website like google.com, it won't (because tthe work DNS does not respond request from outside its network). In other words, once the VPN is established, there is the work DNS is not resolving any DNS requests coming from a 192.168.1.x IP. I have not really tried the "Home network" too much because my purpose is not to just use the home network when i VPN to my home router. I am using Tunnelblick. I tried the latest general release and i installed the latest beta hoping for a different outcome but it is the same.

Orbi router not pushing DNS to VPN client

16 Replies

ktula
Apprentice
Feb 15, 2018
No one has ever encountered this?
- BrainSuperGlue
  Tutor
  Feb 16, 2018
  OK, an example.
  
  By default you connect from work to your home VPN with the DNS lookup homevpn.mydomain.net
  Your work DNS server doesn’t have this DNS entry so it looks for it on the Internet DNS servers your work IT people have set, likely 8.8.8.8
  
  You then make a connection to the VPN which adds an IP route on your Mac so you can reach other home computers.
  
  If the DNS servers changed on your Mac to your home ones then the source lookup for homevpn.mydomain.net on the Internet would disappear and the VPN would drop.
  
  You wouldn’t be able to resolve a server
  
  It’s not the Orbi but the VPN client on the Mac. You need to set it to have Split Mode DNS.
  - ktula
    Apprentice
    Feb 16, 2018
    The VPN service in the Orbi router (i believe this is similar to other Netgear router offering VPN service) has three options when it comes to "Clients will use this VPN connection to access":
    
    - Auto
    - All sites on the Internet & Home Network
    - Home Network
    
    When i initially set up the VPN service, i selected the "All sites on the internet & home network" because that's what i wanted.
    
    However if you choose that option, the VPN DNS is not pushed by the VPN service to replace the local DNS AFTER you have established the VPN connection.
    
    After changing the option to "Auto", the VPN service started pushing its DNS to replace the local DNS after the VPN connection is established. However now i have a different problem. My apparent IP address is still the local one assigned by my work DHCP server.
    
    So this is what happens if you choose these options for "Clients will use this VPN connection to access":
    
    Auto: Apparent IP address does not change but the DNS is replaced
    
    All sites on the Internet & Home Network: Apparent IP address does change but the DNS does not
    
    Home Network: Same as Auto
ktula
Apprentice
Apr 12, 2018
This may not be related to the 2.1.3.4 firmware update. I had issue getting IP address from the router after VPN to it. So i changed the configuration in tunnelblick to use tun instead of tap. The VPN service on the router is set to "All sites on the internet and Home network". Now, everything appears to be working correctly. Upon connecting to the router, the DNS is correctly updated and "what is my IP address" is showing the internet IP address of the router.

Forum Discussion

Orbi router not pushing DNS to VPN client