passepartoutvpn / passepartout-app

VPN client for Apple platforms.
https://passepartoutvpn.app
GNU General Public License v3.0

DNS resolution broken for OpenVPN after 2.1.0 update #292

Closed josser closed 1 year ago

josser commented 1 year ago

Hi! I have an OpenVPN profile configured like this:

remote vpngw0...my.private.domain.com 17777 udp 
remote vpngw0...my.private.domain.com 443 tcp-client 
remote vpngw1...my.private.domain.com 17777 udp 
remote vpngw1...my.private.domain.com 443 tcp-client 
remote vpngw2...my.private.domain.com 17777 udp 
remote vpngw3...my.private.domain.com 443 tcp-client

my.private.domain.com is not real, masked

However, for some reason this configuration stopped working after the 2.1.0 update. Here is what I see in the log:

App: Passepartout 2.1.0 (3457)
OS: iPadOS 16.4 // not correct, this is Ventura 13.3.1
Device: iPad (Catalyst) // this is also not correct, MacBookPro18,3 (M1 Pro)
14:35:45 - Starting tunnel...
14:35:45 - App version: Passepartout 2.1.0 (3457)
14:35:45 - Debug: true
14:35:45 - Masks private data: false
14:35:45 - Local options:
14:35:45 -  Remotes: [vpngw1. my.private.domain.com:UDP:17777, vpngw1. my.private.domain.com:TCP:443, vpngw2. my.private.domain.com:UDP:17777, vpngw2. my.private.domain.com:TCP:443, vpngw0. my.private.domain.com:UDP:17777, vpngw0. my.private.domain.com:TCP:443]
14:35:45 -  Cipher: AES-256-CBC
14:35:45 -  Digest: HMAC-SHA1
14:35:45 -  Compression framing: comp-lzo
14:35:45 -  Compression algorithm: lzo
14:35:45 -  Username authentication: true
14:35:45 -  Client verification: enabled
14:35:45 -  TLS wrapping: auth
14:35:45 -  TLS security level: 0
14:35:45 -  Keep-alive interval: 10s
14:35:45 -  Keep-alive timeout: 2m
14:35:45 -  Renegotiation: 8h
14:35:45 -  Server EKU verification: disabled
14:35:45 -  Host SAN verification: disabled
14:35:45 -  Gateway: not configured
14:35:45 -  DNS: not configured
14:35:45 -  MTU: 1500
14:35:45 - Creating link session
14:35:45 - No resolved endpoints, will resort to DNS resolution
14:35:45 - DNS resolve address: {vpngw1.my.private.domain.com:UDP:17777, resolved: []}
14:35:45 - Current SSID: none (disconnected from WiFi)
14:35:51 - DNS resolution failed!
14:35:51 - No endpoints available
14:35:51 - Try next endpoint in current remote: {vpngw1.my.private.domain.com:UDP:17777, resolved: []}
14:35:51 - Exhausted endpoints, try next remote
14:35:51 - Creating link session
14:35:51 - No resolved endpoints, will resort to DNS resolution
14:35:51 - DNS resolve address: {vpngw1.my.private.domain.com:TCP:443, resolved: []}
14:35:56 - DNS resolution failed!
14:35:56 - No endpoints available
14:35:56 - Try next endpoint in current remote: {vpngw1.my.private.domain.com:TCP:443, resolved: []}
14:35:56 - Exhausted endpoints, try next remote
14:35:56 - Creating link session
14:35:56 - No resolved endpoints, will resort to DNS resolution
14:35:56 - DNS resolve address: {vpngw2.my.private.domain.com:UDP:17777, resolved: []}
14:36:02 - DNS resolution failed!
14:36:02 - No endpoints available
14:36:02 - Try next endpoint in current remote: {vpngw2.my.private.domain.com:UDP:17777, resolved: []}
14:36:02 - Exhausted endpoints, try next remote
14:36:02 - Creating link session
14:36:02 - No resolved endpoints, will resort to DNS resolution
14:36:02 - DNS resolve address: {vpngw2.my.private.domain.com:TCP:443, resolved: []}

Doing nslookup / ping / etc for vpngw*.my.private.domain.com works fine.

And if I change the DNS domains to IP addresses in the ovpn configuration, everything works fine. So it looks like something in the DNS resolve process.

Thank you!
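The log quoted in the report above can be triaged mechanically. This added example (not part of the original report and not Passepartout code) pairs each `DNS resolve address` line with the `DNS resolution failed!` line that follows it and reports how long each remote waited. The line format is assumed from the quoted log, the sample is constructed from a subset of its lines, and the function names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample: a subset of the log lines quoted in the report above.
SAMPLE_LOG = """\
14:35:45 - No resolved endpoints, will resort to DNS resolution
14:35:45 - DNS resolve address: {vpngw1.my.private.domain.com:UDP:17777, resolved: []}
14:35:51 - DNS resolution failed!
14:35:51 - DNS resolve address: {vpngw1.my.private.domain.com:TCP:443, resolved: []}
14:35:56 - DNS resolution failed!
14:35:56 - DNS resolve address: {vpngw2.my.private.domain.com:UDP:17777, resolved: []}
14:36:02 - DNS resolution failed!
14:36:02 - DNS resolve address: {vpngw2.my.private.domain.com:TCP:443, resolved: []}
"""

LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}) - (.*)$")
RESOLVE = re.compile(r"DNS resolve address: \{(\S+):(UDP|TCP):(\d+), resolved: \[(.*)\]\}")

def dns_attempts(log_text):
    """Return one dict per DNS attempt: remote, cached addresses, outcome, seconds."""
    attempts, pending = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # header lines such as "App: ..." carry no timestamp
        ts, msg = datetime.strptime(m.group(1), "%H:%M:%S"), m.group(2)
        r = RESOLVE.search(msg)
        if r:
            host, proto, port, cached = r.groups()
            pending = {"remote": f"{host}:{proto}:{port}", "started": ts,
                       "cached": [a.strip() for a in cached.split(",") if a.strip()],
                       "outcome": "pending", "seconds": None}
            attempts.append(pending)
        elif pending and msg.startswith("DNS resolution failed"):
            pending["outcome"] = "failed"
            pending["seconds"] = (ts - pending["started"]).total_seconds()
            pending = None
    return attempts

def summarize(attempts):
    """Condense the attempts into the facts that localize the fault to DNS."""
    failed = [a for a in attempts if a["outcome"] == "failed"]
    return {"attempts": len(attempts), "failed": len(failed),
            "hosts": sorted({a["remote"].split(":")[0] for a in attempts}),
            "had_cached_address": any(a["cached"] for a in attempts),
            "wait_seconds": [a["seconds"] for a in failed]}

if __name__ == "__main__":
    print(summarize(dns_attempts(SAMPLE_LOG)))
```

On the sample, every completed attempt ends in a DNS failure after a 5 to 6 second wait with an empty `resolved` list, so no remote ever reaches the link stage.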

keeshux commented 1 year ago

Hey mate! Please send an email to beta@passepartoutvpn.app for me to add you to TestFlight.

josser commented 1 year ago

Fixed in beta build! Thank you very much!

keeshux commented 1 year ago

Fixed by #294