Hi, On Wed, Jul 1, 2020 at 3:09 PM Marco De Vitis <starl...@mdv.eu> wrote: > > Il 01/07/20 20:21, tincanteksup ha scritto: > > The post you made on the forum suggests that you have set a default > > gateway on the TAP adapter .. > > Do not do that. > Well yes, it's an attempt I made because I saw everyone in that thread > telling that this fixed the issue. But it didn't for me (and I did not > expect it, actually), so I rolled back to the original configuration. > > We do not have your client config or logs so this is just a guess but > > do not use --block-outside-dns (if you are). > At this point, this is most probably the reason: the block-outside-dns > option is in use. Even if I remove it from the client config, it's > pushed from the server. > > But why should this make NLA fail? DNS resolution using the VPN DNS > server appears to work fine for every address, including the one which > Microsoft uses for the connection check. But the failure is systematic > instead.
If the pushed DNS server works for all domains, I'm out of ideas. But fwiw, try removing the pushed block-outside-dns by adding this to the client config: pull-filter ignore block-outside-dns and check the logs to ensure it's ignored. This shouldn't be required, and is not ideal, but worth a test. Selva _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
