[SOLVED]How to fix dns leaks?

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
User avatar
phd21
Level 16
Level 16
Posts: 6731
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: How to fix dns leaks?

Post by phd21 » Mon Aug 06, 2018 2:32 pm

Hi Mintuser998,

You are welcome from all of us that replied...

You can look up "easy-rsa" and "unbound" in the "Synaptic Package Manager (SPM)" and online (Google it) to find out about these packages. The openVPN developers recommend installing the "easy-rsa" package, so I always do.

I just installed a fresh copy of Linux Mint 19 based on Ubuntu 18.04, and some other Ubuntu 18.04 OS's, which have the newer OpenVPN packages already installed, but my VPN connections were still leaking DNS information. Granted that I always change the ISP's default DNS server IP addresses to a DNS provider's servers, so I am still protected and anonymous, but I wanted to see if I could prevent the DNS leaks. I used "dns.watch" an excellent DNS provider based in Germany (I think), because when I test my DNS if it is leaking it will show the DNS servers in Germany when I am currently in the USA and connected to a VPN server in the USA or elsewhere (somewhere other than Germany for the testing). So, I followed my instructions in this recent reply, installed "unbound" left resolveconf vs openresolv (both work though), and changed my free "ProtonVPN" openvpn configuration files (somewhere.ovpn) to add those lines to them, and restarted my system, connected to a VPN server, and it worked perfectly no DNS leaks and this is with both IPv4 and IPv6 enabled. Keep in mind that with some people's systems and their ISP (Internet Service Providers), you may still need to disable IPv6 or tell (check) the Network Manager to use IPv4 and ignore IPv6 (restart or logout after changes).

FYI: Member majpooper's suggestion to use "dnscrypt" also works and there are other posts in this forum and elsewhere on how to install and configure that for those interested in doing that.
Phd21: Mint KDE 17.3 & 18.3, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

sammartin8935
Level 1
Level 1
Posts: 1
Joined: Fri Aug 17, 2018 6:52 am

Re: [SOLVED]How to fix dns leaks?

Post by sammartin8935 » Fri Aug 17, 2018 7:13 am

If you haven't figured it out yet, I added this to my openvpn files:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
That fixed my leaks when I was looking into this problem.

Edit: this is my exact file:

client
dev tun
proto udp
remote us-texas.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ
auth-user-pass user.txt
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf


If you want Ivacy VPN to always run with admin rights, you have to open Ivacy properties; under “Compatibility” tab, select “Run this program as an administrator”.

Post Reply

Return to “Other networking topics”