I’m running openvpn 2.4.6 as a client to a VPS running openvpn and pihole.
Some openvpn features I use do not work with the Leap 42.3 release of openvpn, which is why I had to upgrade to 2.4.6. Further, NetworkManager isn’t compatible with the latest rev of openvpn. Thus I am using openvpn with a .opvn configuration file, basically:
sudo openvpn --config file.opvn
Because I am using pihole, I need to use the DNS of the VPN.
If I edit resolv.conf to be
nameserver 10.8.0.1
pihole works fine. That is, the resolver comes from the VPN running on the VPS.
What I need to do is set up a connection in NetworkManager such that the DNS is strictly 10.8.0.1. When I try to set the DNS within the NetworkManager connection editor, I get 10.8.0.1 plus that of the IP assigned to eth0, which in turn uses the DNS of the ISP. I don’t want any other DNS except from the VPN.
Note that I have this openvpn/pihole combination running fine on my Android phone. It is on openSUSE that I can’t force the DNS unless I edit resolv.conf. Or perhaps more correct is that the push from the openvpn server is not setting the DNS, though it does set the IP to be that of the VPN.
As an aside, openvpn has an option in the .opvn file to execute some scripts to rewrite resolv.conf. I haven’t found any suitable code, but basically it would go something like this. That is, I can probably get this to work, but it seems clumsy.
Inside the .opvn file, add these lines:
script-security 2
up /etc/openvpn/update-resolv-conf-on
down /etc/openvpn/update-resolv-conf-off
update-resolv-conf-on contains:
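#!/bin/bash
# Save the current resolver configuration so the down script can restore it.
# -f keeps rm quiet on the first run, when no saved copy exists yet.
rm -f /etc/openvpn/resolv.conf.orig
cp /etc/resolv.conf /etc/openvpn/resolv.conf.orig
# Replace resolv.conf with the VPN-only resolver file.
rm -f /etc/resolv.conf
cp /etc/openvpn/resolv.conf.vpn /etc/resolv.conf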
Where resolv.conf.vpn contains:
nameserver 10.8.0.1
update-resolv-conf-off contains:
#!/bin/bash
# Restore the resolver configuration saved by the up script.
rm -f /etc/resolv.conf
cp /etc/openvpn/resolv.conf.orig /etc/resolv.conf
There are some file permission errors to debug, but the basic idea works. That said, I would rather just pick the right connection in NetworkManager than rewrite the resolv.conf file.
Suggestions?
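
An added example, not part of the original post: a single up/down script that builds resolv.conf from the DNS servers the VPN server actually pushes, instead of a hand-maintained resolv.conf.vpn. OpenVPN passes pushed `dhcp-option` values to scripts as `foreign_option_N` environment variables and sets `script_type` to the hook name; the function names and the `RESOLV_CONF`/`BACKUP` override variables are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: one script for both the "up" and "down" hooks.
# RESOLV_CONF and BACKUP are assumed override variables, for trying this on scratch files.
RESOLV_CONF="${RESOLV_CONF:-/etc/resolv.conf}"
BACKUP="${BACKUP:-/etc/openvpn/resolv.conf.orig}"

# Print one "nameserver" line per DNS server pushed by the VPN server.
# OpenVPN exports pushed dhcp-option values as foreign_option_1, _2, ...
pushed_nameservers() {
    i=1
    while :; do
        eval "opt=\${foreign_option_$i:-}"
        [ -n "$opt" ] || break
        case "$opt" in
            "dhcp-option DNS "*)
                addr=${opt#dhcp-option DNS }
                # Runs as root on server-supplied text: accept address characters only.
                case "$addr" in
                    ""|*[!0-9A-Fa-f:.]*) ;;
                    *) echo "nameserver $addr" ;;
                esac ;;
        esac
        i=$((i + 1))
    done
}

vpn_up() {
    new=$(pushed_nameservers)
    # Nothing usable was pushed: leave the resolver alone instead of emptying it.
    [ -n "$new" ] || return 1
    cp -p "$RESOLV_CONF" "$BACKUP" || return 1
    printf '%s\n' "$new" > "$RESOLV_CONF"
}

vpn_down() {
    [ -f "$BACKUP" ] || return 0
    cp -p "$BACKUP" "$RESOLV_CONF" && rm -f "$BACKUP"
}

# OpenVPN sets script_type to the hook being run.
case "${script_type:-}" in
    up)   vpn_up ;;
    down) vpn_down ;;
esac
```

Both the `up` and `down` lines in the config would point at this one file. Because `script-security 2` lets OpenVPN execute it with its own privileges, the file should be owned by root and not writable by other users.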