I will summarize how to setup OpenVPN the same way as basically @Koleon wanted (route all traffic with local DNS resolving). I was experimenting with it for two hours before I’ve finally make it work.
Prerequisites:
- You obviously have to enable OpenVPN through Foris interface
- I’ve also enabled OpenVPN to start automatically by running
/etc/init.d/openvpn enable - Go to LuCI
http://192.168.1.1/cgi-bin/luci/admin/network/dhcpand uncheck/disable optionLocal Service OnlyunderGeneral settingstab (this was the thing I was missing in this discussion but it makes local name resolving working for me finally)
Then there are two ways how to do the other steps. By editing config files manually or through uci.
Manually:
Edit /etc/config/firewall, add those lines to the end:
config forwarding 'vpn_turris_forward_wan_out'
option src 'vpn_turris'
option dest 'wan'
Reload firewall’s config: /etc/init.d/firewall reload
Edit /etc/config/openvpn, add those lines to the end of config openvpn 'server_turris' section:
list push 'redirect-gateway def1'
list push 'dhcp-option DNS 192.168.1.1'
Restart openvpn server: /etc/init.d/openvpn restart
With UCI:
uci set firewall.vpn_turris_forward_wan_out=forwarding
uci set firewall.vpn_turris_forward_wan_out.src=vpn_turris
uci set firewall.vpn_turris_forward_wan_out.dest=wan
uci add_list openvpn.server_turris.push='redirect-gateway def1'
uci add_list openvpn.server_turris.push='dhcp-option DNS 192.168.1.1'
uci commit
/etc/init.d/firewall reload
/etc/init.d/openvpn restart