* Gert Doering <g...@greenie.muc.de>:

> "man openvpn" has a bit 
> 
> .B \-\-block\-outside\-dns
> Block DNS servers on other network adapters to prevent
> DNS leaks. This option prevents any application from accessing
> TCP or UDP port 53 except one inside the tunnel. It uses
> Windows Filtering Platform (WFP) and works on Windows Vista or
> later.

Seen that after I updated the server package...

> Yes.  But you need to either push it, or configure it as
> 
>   setenv opt block-outside-dns
> 
> which will make the "unrecognized option" bit a warning only, not a fatal
> (when pushed, it's always warning-only)
> 
> Plus, it only works on Vista+, so on XP it will trigger an error (or warning,
> same rules as for the option itself on Linux/Mac)

Currently I'm pushing it. No ill side effects so far.
 
> It might need to be pushed along with "register-dns", or a configured --up-

We're pushing that for years now :)

> script that does "ipconfig /registerdns" to make sure that Windows really
> really understands that "hey, there is new nameservers, please USE THEM!!!"
> - otherwise some testers reported DNS latencies in the first few minutes
> of VPN usage.

A side issue there with register-dns:
https://community.openvpn.net/openvpn/ticket/570

-- 
Ralf Hildebrandt                   Charite Universitätsmedizin Berlin
ralf.hildebra...@charite.de        Campus Benjamin Franklin
http://www.charite.de              Hindenburgdamm 30, 12203 Berlin
Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155

------------------------------------------------------------------------------
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
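
As an added example (not part of the thread and not OpenVPN project code): a small Python lint that classifies how a config sets block-outside-dns, using the three forms discussed above (bare, `setenv opt`, pushed), and flags a missing register-dns. The sample configs and the function names are constructed for illustration.

```python
import shlex

# Constructed sample configs (assumptions for illustration, not from the thread).
SERVER_CONF = 'push "register-dns"\npush "block-outside-dns"\n'
CLIENT_STRICT = '; constructed sample\nclient\nblock-outside-dns\n'
CLIENT_TOLERANT = 'client\nsetenv opt block-outside-dns\nregister-dns\n'


def directives(text):
    """Yield (how, option); how is 'push', 'setenv-opt' or 'direct'."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # OpenVPN comment markers
            continue
        tok = shlex.split(line, comments=True)
        if not tok:
            continue
        if tok[0] == "push" and len(tok) == 2:
            inner = shlex.split(tok[1])      # the pushed option string
            if inner:
                yield "push", inner[0]
        elif tok[:2] == ["setenv", "opt"] and len(tok) >= 3:
            yield "setenv-opt", tok[2]
        else:
            yield "direct", tok[0]


def audit(text):
    """Report how block-outside-dns is set in this file and what to review."""
    seen = {}
    for how, opt in directives(text):
        seen.setdefault(opt, how)
    how = seen.get("block-outside-dns")
    findings = []
    if how is None:
        findings.append("block-outside-dns not set in this file")
    elif how == "direct":
        # Per the thread: only 'setenv opt' or a push downgrades this to a warning.
        findings.append("bare block-outside-dns: fatal where unrecognized")
    if how and "register-dns" not in seen:
        findings.append("no register-dns: DNS may lag after connect")
    return {"block_outside_dns": how,
            "register_dns": "register-dns" in seen,
            "findings": findings}


if __name__ == "__main__":
    for name in ("SERVER_CONF", "CLIENT_STRICT", "CLIENT_TOLERANT"):
        print(name, audit(globals()[name]))
```

A client file that reports "not set" may still receive the option from the server's push, so run the lint over both sides.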
