Tuesday, 25 September 2012

How do you fix a DNS leak?

The solution is to ensure that, once connected to the anonymity network, you are using ONLY the DNS server(s) provided by the anonymity service. As this problem predominantly affects Windows clients, only solutions for Windows appear here.
3 basic steps to fix the problem:
  • Before connecting to the VPN, set static IP address properties if you are using DHCP
  • After connecting, remove DNS settings for the primary interface
  • After disconnecting, switch back to DHCP if necessary or reapply the original static DNS servers
Solution A - Automatic
If you are using OpenVPN on Windows XP/Vista/7 then a fully automated solution is available.
Download dnsfixsetup.exe - (md5 checksum: f212a015a890bd2dae67bc8f8aa8bfd9)
After installation, when you connect to a VPN server, a batch file will be run executing the 3 steps above.
Three scripts are generated for each OpenVPN configuration file:
  • configfilename_pre.bat - executed before the connection is established - Calls pre.vbs - If any active DHCP adapters exist, switch to static
  • configfilename_up.bat - executed when the connection is established - Calls up.vbs - Clear the DNS servers for all active adapters except the TAP32 adapter
  • configfilename_down.bat - executed after the connection is disconnected - Calls down.vbs - Reconfigure adapters back to their original configuration
Solution B - Manually clearing the DNS
The solution below does not switch the adapter to static if you are using DHCP. If you do not switch to a static IP configuration and your computer renews its IP address whilst connected to the VPN, the DNS settings may be overwritten. It is highly recommended to switch to a static IP configuration.
  • Open the command prompt (cmd.exe) as an administrator.
  • Before connecting, identify the name of the connected network interface. In the case below it is “Local Area Connection”
netsh interface show interface
  • Connect to the VPN. Once connected proceed to the next step.
  • Flush the DNS resolver cache
ipconfig /flushdns
  • Disable the DNS configuration for the Interface identified in step 1
netsh interface IPv4 set dnsserver "Local Area Connection" static 0.0.0.0 both
  • Test for DNS leaks.
  • After disconnecting, reconfigure the adapter to renew the previous DNS settings
netsh interface IPv4 set dnsserver "Local Area Connection" dhcp
  • Once again, flush the DNS resolver cache.
ipconfig /flushdns
  • Done.
(Source)
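
A local check to go with the "Test for DNS leaks" step in Solution B, as an added example that is not part of the original post or of the dnsfix tool: it parses the output of `netsh interface ipv4 show dnsservers` and reports every adapter other than the VPN adapter that still has a resolver configured. The English-locale output layout, the adapter names, the addresses and the treatment of 0.0.0.0 as "cleared" are assumptions, and the sample text is constructed.

```python
import re
import subprocess
import sys

# Constructed sample of `netsh interface ipv4 show dnsservers` output
# (English-locale layout assumed; adapter names and addresses are made up).
SAMPLE = '''
Configuration for interface "Local Area Connection"
    DNS servers configured through DHCP:  192.168.1.1
                                          192.168.1.2
    Register with which suffix:           Primary only

Configuration for interface "Wireless Network Connection"
    Statically Configured DNS Servers:    0.0.0.0
    Register with which suffix:           Primary only

Configuration for interface "Local Area Connection 2"
    Statically Configured DNS Servers:    10.8.0.1
    Register with which suffix:           Primary only
'''

HEADER = re.compile(r'^Configuration for interface "(.+)"\s*$')
ADDRESS = re.compile(r'(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])')

def parse_dns_servers(text):
    """Map each interface name to the IPv4 DNS servers listed under it."""
    servers, current = {}, None
    for line in text.splitlines():
        header = HEADER.match(line.strip())
        if header:
            current = header.group(1)
            servers[current] = []
        elif current is not None:
            # 0.0.0.0 is the placeholder written by the "clear DNS" step.
            servers[current] += [a for a in ADDRESS.findall(line) if a != "0.0.0.0"]
    return servers

def leaking_interfaces(text, vpn_interface):
    """Interfaces other than the VPN adapter that still have a resolver set."""
    return {name: dns for name, dns in parse_dns_servers(text).items()
            if dns and name != vpn_interface}

if __name__ == "__main__":
    text = SAMPLE  # on Windows the live configuration is inspected instead
    if sys.platform == "win32":
        text = subprocess.run(["netsh", "interface", "ipv4", "show", "dnsservers"],
                              capture_output=True, text=True).stdout
    for name, dns in leaking_interfaces(text, "Local Area Connection 2").items():
        print(f"DNS still set on {name}: {', '.join(dns)}")
```

Replace "Local Area Connection 2" with the name your TAP adapter has in `netsh interface show interface`; an empty result means only the VPN adapter has a resolver configured.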