No local DNS when connected to SSL VPN

Question

From my Android phone using openvpn and the ovpn config from my Sophos box, I can connect to my network. I can get to my servers from using their IP, but I cannot get hostnames to resolve. In System > Administration I have DNS turned on for VPN 
 
 10.0.0.1 is my sophos box and also how my LAN uses for gateway. Sophos is my DHCP server. I have a DNS server on 10.0.0.4 that is a raspberry pi running pi-hole. It is configured to pass local name resolution to the sophos box. My VPN Settings:

Any idea what I am doing wrong?

dirkkotte · Answer

With "local ACL" you allow access to the firewalls DNS-service. 
 You need an additional firewall rule to access DNS on 10.0.0.4. Do you have such a rule?

dirkkotte · Answer

this allows access to the DNS-service of the firewall. If you use the firewall-IP for DNS, this may work. 
 If you wish to use an different DNS-server, you need a firewall-rule (not a local ACL) to allow this access. 
 Create a LOG-and-DROP rule at the end of your firewall rule set and check for dropped packets.

No local DNS when connected to SSL VPN

Top Replies