OpenDNS & Private Internet Access VPN??

Comments

5 comments

  • Avatar
    mattwilson9090

    You would need to do 2 things

    1) Configure the VPN connection to use OpenDNS addresses instead of the default DNS addresses that the connection uses. That may or may not be possible with the service you are using

    2) You would need to register the public IP of the VPN endpoint where your internet traffic exits from the VPN tunnel. Since it's very likely that that IP address is shared by other VPN that's very unlikely. If you are able to configure the DNS settings I referred to in the first point you could use the OpenDNS Family Shield, but you wouldn't be able to configure the OpenDNS settings unless you could also register that IP address, which, as I said, is unlikely.

    1
    Comment actions Permalink
  • Avatar
    rotblitz

    Enhancing what mattwilson9090 said:

    "How do I make both of these things play nice together?"

    They do play nice together already.  The details depend on what you expect from "playing nice together".  There are generally two options:

    1. You do not want to use OpenDNS when connected over the VPN tunnel.
      That is easy: it is as it is just now, so you simply ignore the fact that OpenDNS reports you not using OpenDNS, because you intended exactly this, not to use OpenDNS when being connected through a VPN tunnel.
    2. You do want to use OpenDNS also when connected over the VPN tunnel.
      As mattwilson9090 said, you would configure OpenDNS resolver addresses (the normal ones or the FamilyShield ones) in this specific virtual VPN connection.  You will not be using your dashboard settings and not be collecting stats, because you are not to register an IP address with your dashboard which you do not own.  To prevent from accidently updating your dashboard with your VPN IP address information, you would disable the Updater before you connect, or you configure persistent routes on your computer, so that the Updater works only through your standard gateway for the normal LAN connection.

    Not sure what decision you want to take?  Also this depends on what you want to achieve.

    If you wanted to hide your traffic as a whole from everybody,  you would have to go for option 1 to not use OpenDNS, because else your DNS traffic will be easily visible for everybody interested in seeing it.  This is known as "DNS leak" (http://dnsleak.com/).  However, if you don't care about that but want to use some features of OpenDNS like the speedy DNS service or the default security like phishing and malware protection or even statically predefined content filtering with FamilyShield, you would have to go for option 2.

    It's your choice.

    1
    Comment actions Permalink
  • Avatar
    ferthalangur

    @rfalk ...

    As far as I can tell, and I have done some hacking on the PIA configuration on OS X 10.11.3, you can't do it. PIA on OS X sets your resolver IP addresses when the VPN connects, and it can't be bypassed as it can with PIA under Windows. The PIA setup tool hides the "DNS Leak" parameter (I am not sure if this was intentional or an HTML error which I found in their client). However, if you change the value in their configuration parameters directly, for DNS Leak protection, nothing changes. Your DNS resolver addresses are set to PIA's when you connect to the VPN.

    _rob_

    1
    Comment actions Permalink
  • Avatar
    rotblitz

    That leaves you with my option 1 from above.  Sometimes one does not have a choice...

    And DNS leak shouldn't be an issue with option 1 either, because your DNS traffic is hidden in the tunnel.

    0
    Comment actions Permalink
  • Avatar
    milobin (Edited )

    Unintentional Necro of this thread - but found it via Google, so leaving my response for others.

    *****

     

    Just had this issue and here is how I solved it:

    In the dashboard of OpenDNS, add the following to your Whitelisted domains (or add them in the settings directly):

    The source of these sites was found in my "blocked Domains" section in the Dashboard.

    Either shut down the PIA process tree in Task Manager or do a reboot.  But fixed it for me.

    0
    Comment actions Permalink

Please sign in to leave a comment.