OpenVPN and dns-resolve in LAN

Hi,
I have set up OpenVPN via die GUI (Turris OS 3.6).

Worked fine. I can connect with my android phone to the vpn and I can access my NAS behind the router using the IP-address of the NAS.
But I can not access the NAS using the local domain name (e.g. nas.lan).

In this thread there was a solution to add two new settings to the openvpn config.
I added both, but still I can not access the NAS using nas.lan.

Any other ideas?

Here is my complete openvpn config file:

config openvpn 'server_turris'
        option enabled '1'
        option port '1194'
        option proto 'udp'
        option dev 'tun_turris'
        option ca '/etc/ssl/ca/openvpn/ca.crt'
        option crl_verify '/etc/ssl/ca/openvpn/ca.crl'
        option cert '/etc/ssl/ca/openvpn/01.crt'
        option key '/etc/ssl/ca/openvpn/01.key'
        option dh '/etc/dhparam/dh-default.pem'
        option server '10.111.111.0 255.255.255.0'
        option ifconfig_pool_persist '/tmp/ipp.txt'
        option duplicate_cn '0'
        option keepalive '10 120'
        option comp_lzo 'yes'
        option persist_key '1'
        option persist_tun '1'
        option status '/tmp/openvpn-status.log'
        option verb '3'
        option mute '20'
        list push 'route 192.168.1.0 255.255.255.0'
        list push 'dhcp-option DNS 192.168.1.1'
        list push 'dhcp-option DOMAIN lan'

Hi,

I’m not sure how is it done on android phone,
but e.g. on debian you need to persuade your system to use the obtained dhcp-options.

You need to put following lines to your client config file:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

The script /etc/openvpn/update-resolv-conf is triggered to update dns servers of your client.
Note that you need to have package called resolvconf installed for that.

I have the problem on both Windows and Android device. So far I didn’t try connect to the VPN using Linux.

Maybe this option might be handy.
https://community.openvpn.net/openvpn/wiki/Topology

subnet topology

is the current recommended topology; it is not the default as of OpenVPN 2.3 for reasons of backwards-compatibility with 2.0.9-era configs. It is safe and recommended to use subnet topology when no old/outdated clients exist that are running OpenVPN 2.0.9 under Windows.

in my case it solved so many issues :slight_smile: , now just pushing just gateway ip in config. Tested on droid,win10,rpi3+ devices.