Open DNS and VPNs

Comments

20 comments

  • Avatar
    rotblitz

    "several different networks"

    Home routers normally do not come with a feature like "different networks".  What router would this be?

    "her VPN will not work if I have OpenDNS on the router."

    This is not true.  If you can configure the OpenDNS resolver addresses on the WAN side, then there should be no impact.  If you can configure them on the LAN side only, then you'll have to configure your internal and VPN names as VPN exceptions under Advanced Settings.
    http://www.opendns.com/support/how-do-i-use-opendns-and-manage-internal-resources-and-virtual-private-networks/

    "Can I put OpenDNS on some networks on the router, but not on other networks?"

    If you really can configure different subnets, then you can use OpenDNS on dedicated ones while configuring the related DHCP server what DNS resolver addresses to give out to the connected devices.

    0
    Comment actions Permalink
  • Avatar
    mazomark

    rotblitz,

    Thank you for your response. I currently have a 2008 Apple Time Capsule. I'm thinking of getting the new Airport Extreme. I'm probably using the wrong terminology when referring to networks. We have many different wireless devices. Some use 802.11n, some use 802.11g. I wanted to set up the router so the slower devices do not slow down everyone else's devices. I'm not sure what is the correct terminology for doing this. I had read somewhere on the Open DNS forums that a VPN will not work if OpenDNS is installed on the router. Also, my wife's work computer is wired into the router. She is not using wireless. Thank you. 

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "We have many different wireless devices. Some use 802.11n, some use 802.11g. I wanted to set up the router so the slower devices do not slow down everyone else's devices."

    Not sure if you can achieve this here unless the router has more than one WLAN channel (SSID, access point) which is highly unusual too.

    The question of wired vs wireless is totally unrelated to TCP/IP networking.  It doesn't matter if the carrier of the information is cupper cable or radio waves or what else.  Therefore different WLAN standards cannot be used to differenciate TCP/IP settings, especially not DNS settings.

    "that a VPN will not work if OpenDNS is installed on the router."

    As I said, this is simply not true.  There are so many hoaxes out...

    0
    Comment actions Permalink
  • Avatar
    mazomark

    rotblitz,

     

    Thank you for your comments. This helps me a great deal. Have a good day. 

    0
    Comment actions Permalink
  • Avatar
    aecv30

    >> "her VPN will not work if I have OpenDNS on the router."

    > This is not true.  If you can configure the OpenDNS resolver addresses on the WAN side, then there should be no impact.
    > If you can configure them on the LAN side only, then you'll have to configure your internal and VPN names as VPN exceptions
    > under Advanced Settings.
    http://www.opendns.com/support/how-do-i-use-opendns-and-manage-inte...

    Please explain how to "configure the OpenDNS resolver addresses on the WAN side". The link provided is blocked:

    You do not have access to this topic

    You do not have access to this page. Please contact the account owner of this Zendesk for further help.

    Thanks.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    This linked article is no longer relevant.

    And how can one explain if you don't tell us your exact router model?

    0
    Comment actions Permalink
  • Avatar
    Kristy Patullo

    If you are afraid our service will interfere with your wife's machine you can configure our service per device rather than on your router.  If you only want to protect your kids' devices you can use our instructions here: https://support.opendns.com/categories/20080020-OpenDNS-Device-Configuration to add our DNS settings only to certain devices on your network.

    0
    Comment actions Permalink
  • Avatar
    kenny_in_nj

    I have a question.  I use VPNs (both for work and to maintain personal privacy).  I have NO problem getting to the VPN servers because of being an opendns user.  But I do have an observation.  When I connect through a VPN, I am no longer using openDNS's DNS lookup.  I can access sites that I have blocked on my openDNS account.  When I break the VPN tunnel, everything is good again  -- I cannot get through to blocked sites, etc.

    Is there any way I can continue to use openDNS's DNS servers once I've established a VPN tunnel?

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Maybe.  This depends on how the VPN is set up.  If it is a virtual network adapter, you may be able to configure the OpenDNS resolver addresses in it.  If it is just a browser plug-in, you're most likely out of luck.

    If you're on a Windows computer, you may post the complete plain text output of the following commands when the VPN is established:

       ipconfig /all
       netsh interface ip show dns

    I can give more advices then.

    0
    Comment actions Permalink
  • Avatar
    Eden

    Hi Kenny_in_nj,

    When you are connected through VPN, the network you are being connected to may not be configured to use OpenDNS as their DNS server. DNS queries made through VPN will also appear as originating from that network, so you won't be able to use OpenDNS once you've established a VPN tunnel under most circumstances.

    If you have any questions, feel free to submit a ticket to us.

    Cheers!

    0
    Comment actions Permalink
  • Avatar
    dad_hansen

    After reading the above posts, I am still not sure what to do in my case.

    I have a home router. I am using free openDNS.

    My work VPN is not working properly now.

    Is it possible to use openDNS on my home router and still have a laptop that has VPN access to work?

    If so, how do I do this?

    Or am I forced to configure all devices individually?

     

    0
    Comment actions Permalink
  • Avatar
    dad_hansen

    Rebooting my work laptop solved problem. Work VPN now works fine.

    0
    Comment actions Permalink
  • Avatar
    tandersson

    Hi,EDEN at OPEN DNS

    After reading your comments  I think that if I use the IP addressses that Open DNS uses (208.67.222.222, 208.67.220.220) in my Home router and setting up a VPN server in my Lan. I should be able to reach my home network from anywhere in the world as long as I use the IP addresses of OPEN DNS as my DNS servers in my clients. Am I right ? I also wonder how I shall configure my access at home over WIFI. I have a possibility to use a RAS server in my LAN if necessary. On the other hand I think it shouldn't be necessary since a VPN connection should be secure even from a hot spot at a internetcafe or airport or similar. Eden can you pls explain /comment on this? I will use OPENVPN with self signed certificate  (SYNOLOGY) and the application Open DNS updater in my portable windows and Iphone6 clients.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    Reaching your network from outside is absolutely irrelevant and unrelated with using OpenDNS.  Using OpenDNS has effect on your internal DNS traffic only. 

    Do not use the OpenDNS Updater on roaming devices.  You'll be updating your dashboard with wrong IP addresses you do not own,

    0
    Comment actions Permalink
  • Avatar
    tandersson

    Sorry rotblitz,

     I now understand that I was totally wrong. If I use DNs updater in a stationary Desktop computer at my home and in the Inner router (double NAT I can't set Open DNs addresses in the outer router provided by my ISP) I think that Open DNS always will know my public Ip address.( this works fine) . In my Lan I have a Synology server DS213j  with a VPN server installed. What I want to do is reaching this server and my home network from any places in the world except some countries I will never ever visit. Since Synology only offers PPTP, as far as a I know with low security, I want to use OPEN VPN with certificate instead, it is just mentioned for my private home needs, I will use selfsigned certificate created by the server DS213j and me.I thought It should be possible to use something like "mynetworkathome.opendns.com" to reach my home network  in my mobile clients. But if I try to do a ping to"mynetworkathome.opendns" it doesn't work I don't even get the dynamically address assigned. Consequently I cannot configure my OPENVPN clients in my clients.

     

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "What I want to do is reaching this server and my home network from any places in the world except some countries I will never ever visit."

    Yes, that was clear to me, but Dynamic (authoritative) DNS is not a service offered by OpenDNS.  They only offer recursive DNS services, to be used to answer your DNS queries raised from within your network..

    "I thought It should be possible to use something like "mynetworkathome.opendns.com" to reach my home network  in my mobile clients."

    Exactly this cannot work, because OpenDNS do not provide a Dynamic DNS hostname "like mynetworkathome.opendns.com".  There are many other providers offering this.  See this list here (not all but most are Dynamic DNS services): https://www.dnsomatic.com/wiki/supportedservices
    And many are even for free.  You'll get one or more hostnames there which you can keep updated with your public IP address, so that you can connect from outside using a static hostname pointing to your dynamic IP address.

    "But if I try to do a ping to"mynetworkathome.opendns" it doesn't work"

    This is your next problem, because ping in this context is good for - nothing!  Unless you want to offer a ping service to the world.  Don't use ping; it is not needed to reach your Synology server via VPN.  But this is another topic, totally unrelated to OpenDNS...

    0
    Comment actions Permalink
  • Avatar
    devotedtochrist

    I'm using a Linksys EA4500 router and have it configured to use the Open DNS servers.  I also use Private Tunnel VPN and have had no issues until I installed the OpenDNS Updater.  I guess I need to uninstall the OpenDNS Updater because I'm getting an IP Conflict.  I'm still not sure how all this stuff works internally, from one device to another, so could  someone kindly tell me if using the DNS Updater is redundant or useless in my situation or if it would be worth my while to figure out a way to get this DNS Updater working.  Thank you.  http://www.stoptheglobalists.com  (Help Wake Up All Americans!)

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "have had no issues until I installed the OpenDNS Updater"

    What exact issues are you facing now?  You didn't tell us.

    Also, OpenDNS does not work "internally, from one device to another", but it is a service in the cloud.

    If you don't run an Updater, then you dashboard settings do not take effect any longer as soon as your IP address changes.  If you don't care, you don't need to run an Updater.  But delete your dashboard network in this case too.

    If you want to run the Updater, you configure persistent routes on this computer to the IP addresses of myip.opendns.com and updates.opendns.com.  Only your main connection will then be regarded by the Updater.

    "Help Wake Up All Americans!"  -  This does not help in this case.  ;-)

    0
    Comment actions Permalink
  • Avatar
    devotedtochrist

    Thanks, I figured it out. 

    1
    Comment actions Permalink
  • Avatar
    rotblitz

    Surprisingly - after nearly a year...

    -1
    Comment actions Permalink

Please sign in to leave a comment.