While testing out several features before we can go live, I found the following with the Connect 2.0 client.
I have configured an IPSEC connection to Sophos XG, this works as expected; DNS is set to the configured value.
I also imported the .OVPN-file from the current UTM. Connecting to it works using the Connect 2.0 client, however DNS is not set correctly and tries to connect to the DNS server that was set from the previous connection attempt to the IPSEC VPN on XG.
Looking in the VPN log I see the following line:
Tue Jan 12 11:06:23 2021 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.242.2.1,route-gateway 10.242.2.1,topology subnet,ping 10,ping-restart 120,route 172.17.1.10 255.255.255.255,route 192.168.23.0 255.255.255.0,route 192.168.21.0 255.255.255.0,route 10.23.0.0 255.255.0.0,route 192.168.1.0 255.255.255.0,route 172.16.10.0 255.255.255.0,dhcp-option DNS 10.242.2.1,dhcp-option DOMAIN <manually removed>,ifconfig 10.242.2.17 255.255.255.0'
This should actually push out the correct DNS server, which should be the VPN-local ID from the UTM, 10.242.2.1, but for some reason it chooses the one that is configured for the IPSEC connection (which is different).
After disconnect I am back to the locally connected DNS-server so that's good.
Is there a problem pushing the DNS-server from the UTM with OpenVPN config?
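
Added example, not part of the original post: one way to check the symptom described above is to parse the PUSH_REPLY line from the log and compare the pushed DNS server and tunnel routes with the resolvers the OS is actually using. The function names and the resolver 192.0.2.53 (a constructed stand-in for the leftover IPsec-profile resolver, whose address the post does not give) are assumptions.

```python
import ipaddress
import re

# Log line as quoted in the post (the DOMAIN value was redacted by the poster).
LOG_LINE = (
    "Tue Jan 12 11:06:23 2021 PUSH: Received control message: 'PUSH_REPLY,"
    "route-gateway 10.242.2.1,route-gateway 10.242.2.1,topology subnet,ping 10,"
    "ping-restart 120,route 172.17.1.10 255.255.255.255,"
    "route 192.168.23.0 255.255.255.0,route 192.168.21.0 255.255.255.0,"
    "route 10.23.0.0 255.255.0.0,route 192.168.1.0 255.255.255.0,"
    "route 172.16.10.0 255.255.255.0,dhcp-option DNS 10.242.2.1,"
    "dhcp-option DOMAIN <manually removed>,ifconfig 10.242.2.17 255.255.255.0'"
)

def parse_push_reply(line):
    """Extract pushed DNS servers and tunnel-routed networks from a PUSH_REPLY log line."""
    m = re.search(r"'PUSH_REPLY,(.*)'", line)
    if not m:
        raise ValueError("no PUSH_REPLY control message in line")
    dns, nets = [], []
    for opt in m.group(1).split(","):
        f = opt.split()
        if f[:2] == ["dhcp-option", "DNS"] and len(f) == 3:
            dns.append(ipaddress.ip_address(f[2]))
        elif f[:1] == ["route"] and len(f) >= 3:
            nets.append(ipaddress.ip_network(f"{f[1]}/{f[2]}"))
        elif f[:1] == ["ifconfig"] and len(f) == 3:
            # topology subnet: the tunnel address and mask give the VPN subnet
            nets.append(ipaddress.ip_network(f"{f[1]}/{f[2]}", strict=False))
    return {"dns": dns, "tunnel_nets": nets}

def audit_resolvers(pushed, active):
    """Classify each resolver the OS is using against what the server pushed."""
    report = {}
    for r in map(ipaddress.ip_address, active):
        if r in pushed["dns"]:
            report[str(r)] = "pushed"
        elif any(r in n for n in pushed["tunnel_nets"]):
            report[str(r)] = "not pushed, but routed through the tunnel"
        else:
            report[str(r)] = "not pushed, outside tunnel routes (stale or leaking)"
    return report

if __name__ == "__main__":
    pushed = parse_push_reply(LOG_LINE)
    # 192.0.2.53 is a constructed stand-in for the resolver left over from the IPsec profile
    print(audit_resolvers(pushed, ["192.0.2.53"]))
```

The list passed as `active` is whatever the client reports while the tunnel is up, for example from `ipconfig /all` on Windows.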