Untangle FW - OpenVPN DNS Issue
PROBLEM:
There is a known issue on Windows 7 and Windows 8 where DNS for the OpenVPN client may not work as a result of Windows Security.
SOLUTION:
The OpenVPN option "register-dns" needs to be added to the client configuration file and/or the server configuration.
--register-dns
Run net stop dnscache, net start dnscache, ipconfig /flushdns and ipconfig /registerdns on connection initiation. This is known to kick Windows into recognizing pushed DNS servers.
METHOD 1:
Add push "register-dns" as the last line of /etc/openvpn/server.conf
Log into the Untangle Server
Type nano /etc/openvpn/server.conf
Append the following line of text as the last line of the file
push "register-dns"
CTRL+X to close and save on exit.
Restart the OpenVPN service
/etc/init.d/openvpn restart
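When the clients connect, the OpenVPN server will advise Windows to reset the DNS cache.
Note: This setting does not stick when the server reboots.
A shell script run from crontab with @reboot may be needed to re-apply it.
[CODE]
#!/bin/sh
# Re-add the push directive only if it is missing, so repeated reboots
# do not pile up duplicate lines in server.conf.
grep -q '^push "register-dns"' /etc/openvpn/server.conf || \
    echo 'push "register-dns"' >> /etc/openvpn/server.conf
/etc/init.d/openvpn restart
exit
[/CODE]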
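An added example, not part of the original post: a more defensive version of the append step in the @reboot script. It ignores a commented-out copy of the directive, tolerates a file with no trailing newline, and does nothing on repeat runs. The function names are hypothetical and the sample config is constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are
# hypothetical; the sample config in demo() is constructed.

# Succeed only if LINE is an active line of FILE. Surrounding whitespace
# (including a CR left by Windows editors) is ignored; a copy commented
# out with '#' or ';' does not match.
has_directive() {
    sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$1" | grep -Fxq -- "$2"
}

# Append LINE to FILE unless it is already active. Safe to run repeatedly.
ensure_directive() {
    file=$1
    line=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    if has_directive "$file" "$line"; then
        return 0
    fi
    # If the last byte is not a newline, add one first so the directive
    # is not glued onto the end of the previous line.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi
    printf '%s\n' "$line" >> "$file"
}

# Demo on a constructed config: directive commented out, no trailing newline.
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n%s' '#push "register-dns"' 'push "dhcp-option DNS 192.0.2.53"' > "$tmp"
    ensure_directive "$tmp" 'push "register-dns"'   # appends the line
    ensure_directive "$tmp" 'push "register-dns"'   # already present, no-op
    cat "$tmp"
    rm -f "$tmp"
}
demo
```

On the server, the call would be ensure_directive /etc/openvpn/server.conf 'push "register-dns"' followed by the service restart from the script above.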
METHOD 2:
Create a Computer Group Policy that gives Domain Users the ability to edit the directory for C:\Program Files\OpenVPN\config\filename.ovpn and/or C:\Program Files (x86)\OpenVPN\config\filename.ovpn. An OpenVPN configuration file can name scripts to run, so grant this write access no more broadly than the update requires.
Create a User Group Policy that runs a VBScript at logon to search the file for the string "register-dns" and, if it is not present, append "register-dns" as the last line of the file.
[CODE]
Dim WshShell, OsType, strFile, strSearch
Dim objFSO, file1, sText, objFile
Const ForReading = 1
Const ForAppending = 8

Set WshShell = CreateObject("WScript.Shell")
' Pick the config path from the processor architecture
OsType = WshShell.RegRead("HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\PROCESSOR_ARCHITECTURE")
strFile = ""
If OsType = "x86" Then
    'wscript.echo "Windows 32bit system detected"
    strFile = "c:\program files\openvpn\config\filename.ovpn"
ElseIf OsType = "AMD64" Then
    'wscript.echo "Windows 64bit system detected"
    strFile = "c:\program files (x86)\openvpn\config\filename.ovpn"
End If

strSearch = "register-dns"
Set objFSO = CreateObject("Scripting.FileSystemObject")
' Only continue if OpenVPN is installed and the config file exists
If (objFSO.FolderExists("C:\Program Files (x86)\OpenVPN") Or objFSO.FolderExists("C:\Program Files\OpenVPN")) And objFSO.FileExists(strFile) Then
    'MsgBox "OpenVPN is installed"
    sText = ""
    Set file1 = objFSO.OpenTextFile(strFile, ForReading)
    ' ReadAll raises an error on an empty file, so check first
    If Not file1.AtEndOfStream Then sText = file1.ReadAll
    file1.Close
    If InStr(sText, strSearch) > 0 Then
        'MsgBox "String Found"
    Else
        'MsgBox "String Not Found"
        Set objFile = objFSO.OpenTextFile(strFile, ForAppending, True)
        ' Start on a new line so the option is not joined to the previous last line
        objFile.Write vbCrLf & "register-dns" & vbCrLf
        objFile.Close
    End If
Else
    'MsgBox "OpenVPN is not installed"
End If
MsgBox "Done"
[/CODE]