[SOLVED] OpenVPN doesn't provide a DNS resolver server?

August 27th I was going to connect to my FreedomBox’s VPN on public WiFi. Everything checked out at first glance; the client I use said SUCCESS. I then opened my browser and any page I opened greeted me with ERR_ADDRESS_UNREACHABLE. So I thought the VPN was having connection issues, but I could still reach Plinth at the FreedomBox’s local IP. The other services on the local network (my printer, my other FreedomBox…) cannot be reached through the VPN if I try to navigate to them. I tried as much as I could to get the connection to work: I formatted the freedom and used a testing then stable image, changed clients, changed devices, changed the network that the client device was on, reset the port forwarding rules on the router, restarted the modem and then the router in between tries, checked forums and checked the update log for OpenVPN on Raspbian Buster. So with my digging done I think it could be the VPN not having a DNS resolver automatically provided to you. This error on the client I use (OpenVPN for Android) would make sense then.

-No DNS servers being used. Name resolution may not work. Consider setting custom DNS Servers. Please also note that Android will keep using your proxy settings specified for your mobile/Wi-Fi connection when no DNS servers are set.

I read that and then tried to use my own DNS server (8.8.8.8). That removed the whole DNS line, but still no luck. I was getting the same results with my custom DNS server as I did with the option to automatically use the one that the RBPi provides. At this point I tried to set up BIND locally, but after trying to run it through that I figured I had no clue what I was doing. I assume an update broke OpenVPN for Buster users? Does anyone else’s VPN work on their Raspberry Pi?

Steps to Reproduce

  1. Flash a fresh image (stable) to a micro SD card
  2. Set up the RBPi 2 using the web interface
  3. Install OpenVPN
  4. Reserve IP and forward ports using UDP
  5. Download OpenVPN profile
  6. With the client device on another network/cellular data, connect to the VPN and wait for SUCCESS

Expected Results
I expected to browse the internet with a stable 5mbps up and 5mbps down (I speed tested the same hardware a month prior).

Actual results
I get connected but I cannot reach any website except the FreedomBox using its local IP. There is a constant 904 bits per second download speed regardless of the websites I try to access (pinging a website/Google.com fails too) except for the FreedomBox, which will increase the download speed and spike the graph.

Information

  • FreedomBox version info: You are running Debian GNU/Linux 10 (buster) and FreedomBox version 19.15. FreedomBox is up to date.
  • Hardware: Raspberry Pi 2
  • How did you install FreedomBox?: Pre-made image on the FreedomBox website

@Jacob, for Internet connectivity to work with OpenVPN, you need at least one network interface in the “external” firewall zone. This allows for traffic from the OpenVPN interface “tun0” to be masqueraded and pass through the “external” network interface. https://wiki.debian.org/FreedomBox/Manual/OpenVPN. To configure your network interface as “external” firewall zone, please edit the network connection and set it as “external” zone. Then perhaps restart FreedomBox.

1 Like

Yep, that’s it! I added another connection and made it external (I could not change tun0’s connection to external due to an error) and that fixed it! Thanks again Sunil!

2 Likes

Can somebody elaborate on how exactly this second interface has to be configured?

Hello! To ensure internet access while connected through OpenVPN, it is necessary for your hardware to have at least two network interfaces, such as two Ethernet ports. One of these interfaces should be assigned to the “external” firewall zone. Follow the steps below to configure the desired interface in the “external” zone:

  1. Log in to your admin account.
  2. Navigate to the “System” menu and select “Networks”.
  3. Choose the relevant interface from the “Connections” list to access its settings.
  4. Click on the “Edit” button.
  5. On the “Edit connection” page, locate the “Firewall Zone” option and select “External”.
  6. Finally, click the “Edit connection” button at the bottom of the page.

In case you only have one network interface and it is assigned to the “internal” Firewall Zone, there is a workaround you can employ to use OpenVPN with internet access. By using Privoxy in conjunction with OpenVPN, you can set up your browser’s proxy settings as follows: configure the proxy address to be “10.91.0.1” and the port to be “8118” (that’s [FreedomBox’s IP in the VPN network]:[Privoxy port]). This will allow you to access the internet. However, keep in mind that to access other devices on your network, they must also be connected to your VPN network. Otherwise, you will be unable to see or interact with devices on your home network.

I apologize for including additional issues that the original poster did not mention. I provided this information to assist other readers who may encounter similar problems. If any of the information I’ve provided is incorrect, I would appreciate being corrected, as this is the configuration I have been using with my Pioneer edition.

2 Likes
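The zone requirement described in the answers above can be checked from a shell on the FreedomBox. The following is an added example, not part of the original posts or of FreedomBox itself: it parses the text printed by `firewall-cmd --get-active-zones` and reports whether any interface other than the VPN interface sits in the “external” zone. The function names, the interface names eth0/eth1 and the two sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input format (from `firewall-cmd --get-active-zones`):
#   an unindented zone name, then an indented "interfaces: a b c" line.

# external_ifaces VPN_IF: list interfaces in zone "external", skipping VPN_IF.
external_ifaces() {
    awk -v vpn="$1" '
        /^[^ \t]/ { zone = $1; next }
        zone == "external" && $1 == "interfaces:" {
            for (i = 2; i <= NF; i++) if ($i != vpn) print $i
        }'
}

# zone_of IFACE: print the zone that holds IFACE, or nothing if none does.
zone_of() {
    awk -v want="$1" '
        /^[^ \t]/ { zone = $1; next }
        $1 == "interfaces:" {
            for (i = 2; i <= NF; i++) if ($i == want) { print zone; exit }
        }'
}

# diagnose [VPN_IF]: read a zone listing on stdin, print a one-line verdict.
diagnose() {
    vpn=${1:-tun0}
    listing=$(cat)
    uplinks=$(printf '%s\n' "$listing" | external_ifaces "$vpn" | tr '\n' ' ')
    vpn_zone=$(printf '%s\n' "$listing" | zone_of "$vpn")
    if [ -z "$vpn_zone" ]; then
        echo "FAIL: $vpn is not in any active zone"
    elif [ -z "$uplinks" ]; then
        echo "FAIL: $vpn is in '$vpn_zone' but no interface is in 'external'"
    else
        echo "OK: $vpn in '$vpn_zone', uplink(s) in 'external': ${uplinks% }"
    fi
}

# Constructed sample: a single interface, assigned to "internal" (assumed layout).
BROKEN='internal
  interfaces: eth0 tun0'
# Constructed sample: a second connection has been placed in "external".
FIXED='external
  interfaces: eth1
internal
  interfaces: eth0 tun0'

printf '%s\n' "$BROKEN" | diagnose tun0
printf '%s\n' "$FIXED"  | diagnose tun0
```

On a live system, pipe `firewall-cmd --get-active-zones` into `diagnose`; `firewall-cmd --zone=external --query-masquerade` then confirms that masquerading is enabled on that zone.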

Thank you for clarifying. I thought I could somehow create another network interface configuration on one physical interface.

1 Like