OpenVPN - DNS Servers For TAP-Win32 Adapters?

Discussion in 'privacy technology' started by DasFox, Apr 27, 2011.

Thread Status:
Not open for further replies.
  1. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    When using OpenVPN and wanting to use secure DNS like Comodo, Cloud, Norton, etc., besides your ethernet and wifi adapters should you also add the DNS servers to the TAP-Win32 adapter, or this isn't necessary?


    THANKS
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    It shouldn't be necessary if the vpn push data is configured. the vpn provider will send dns server updates via dhcp which get applied to the adapter remotely.
     
  3. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825

    This sounds like we are then making an assumption based on the VPN provider having things setup as they should, but what if they don't?

    Or is this like saying, this is Basic VPN 101 for dummies and there's no excuse for a VPN provider not to be setup like this properly? Or should the end-user be asking and questioning the VPN provider over this?

    So in the end, what should we be thinking as an end-user, what approach to all this, better to set it up in the Tap adapter, better to be safe then sorry, or what?


    THANKS
     
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Depends on your use I suppose.
    For someone who wants to use the latest xyz tech/service: You can configure the network adapter to use a specific DNS, or your home router and just do local queries.

    For someone who wants security, privacy, or anonymity: The VPN provider should be making the DNS decision for you. You should not be splitting your trust domain across two entities, because that does not distribute risk, it multiplies it.
     
  5. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Actually it didn't work, I had to put in the Pri & Sec DNS in the tap adapter to cover the DNS from the VPN, if I didn't do it, then the VPN DNS was being seen...

    So in some cases you need to change the TAP adapter, at least I did...
     
    Last edited: May 9, 2011
Loading...
Thread Status:
Not open for further replies.