-   Linux - Newbie (
-   -   DNS leaks with OpenVPN connection - Mint 18.0 KDE (

noucamp 08-03-2017 04:58 PM

DNS leaks with OpenVPN connection - Mint 18.0 KDE
Hello everyone,

First time posting here, and not very experienced with Linux.

Have been using Mint 17.3 (KDE) for a year or so, and installed 18.0 (KDE) in new laptop. I am having problems with DNS leaks while running through third-party VPN services (I use PureVPN and VyprVPN, and experience the same problem with both). This did not happen at all on 17.3. I am using OpenVPN connections through Network Manager (GUI).

I have read ad nauseam about the problem online and my conclusion is that resolv.conf is not been updated when the OpenVPN connection to my VPN server is established (or closed). Some forums have suggested updating the VPN .conf (or .ovpn) file with these lines:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

However, I cannot find .conf files, as I believe the Network Manager stores the information in files stored in /etc/NetworkManager/system-connections/. I have tried to modify these files adding the 3 lines above at the end (without header - every other set of instructions has a header) with no success.

I have temporarily set IPv4 DNS servers to point to, to stop the leaks. Although I understand this is good practice, it is not a solution to the problem of not passing DNS values to resolv.conf.

Any help will be greatly appreciated. If you need additional info just ask - just add the necessary instructions to run. Again, not the brightest kid in the block when it comes to Terminal instructions and codes.


PS: I found several copies of resolv.conf, at /etc, /run/NetworkManager, /run/resolvconf, and /usr/share/linuxmint/mintsystem/templates. I assume the 'active' one should be the /etc one.

AwesomeMachine 08-05-2017 07:07 PM

ovpn files are files that contain openvpn scripts. Here is an example of one of mine for PIA:

dev tun
proto udp
remote 1194
resolv-retry infinite
ca ca.crt
remote-cert-tls server
verb 1
reneg-sec 0
crl-verify crl.pem

Usually it's best to launch openvpn like so:

$ openvpn script_name.ovpn
instead of trying to configure network-manager to handle the connection. The script I included will only work with PIA vpn service. Yours would be different. But if you look in the openvpn man page you can figure out what you need.

All times are GMT -5. The time now is 09:10 PM.