Gl-mt3000 vpn dns

New to the forums here… and these devices for that matter. I work in the enterprise and don’t consider myself stupid. I am a network engineer by trade but this is starting to make me feel pretty dumb :slight_smile:

I am trying to get OpenVPN DNS to work as my Primary… I have tried everything I can think of to make it work.

The DNS server used by the OpenVPN client is located on the network the OpenVPN Server is… and is part of an Active Directory Domain Group. Anyways… thats not super important. Just know this DNS server works and hosts all the local computer and server records we need to go across the VPN.

I have set the DNS via the DHCP-Options in my .ovpn config files… it shows its working via the router GUI under DNS. I can ping my DNS server via IP but I cannot ping it or route to it via its domain name which tells me the router is not using the DNS I specified.

I tried forcing it via Custom DNS as well and setting the DNS server as primary… again same thing… cannot ping the domain name for the DNS server or anything else on the VPN network via its domain name…

I then change the DNS directly on my computer to the DNS server thats on the VPN and then everything works like a charm?

Why can I not get the darned DNS server to work on the router and push to the computer? Any thoughts or ideas? Need to see some pictures of the configs? Any help would be appreciated! Thanks everyone!!!

No replies yet? If there is any more information that you need let me know.

Please print this command output on GL-m3000 VPN client:

ip route

and What’s the DNS server ip setting in the .ovpn file?

Thanks for getting back to me. :slight_smile:

The DNS has been set to the Active Directory DNS Server of

here is the IP Route information as requested.

I can ping it. I can even resolve external names with it… i.e. but for whatever reason it does not resolve anything in its local DNS. So Strange.

Here is an update. I installed the OpenVPN client on the computer and connected to the VPN with the same exact configuration and it routes the DNS queries there and back just fine. I honestly have never seen anything like this :slight_smile:

Have you enabled “DNS Rebinding Attack Protection” on mt3000?
That will discard private IP as DNS query result.