Our VPN host is in VLAN 99, one of our servers has the DNS set to our domain controller in another VLAN. That server is using a virtual network of 10.0.101.0/24, the DNS server is 10.0.76.25 (in VLAN 76). We are routing all traffic (0.0.0.0/0) over the tunnel, NAT is disabled, and Block Outside DNS is enabled. I want the server to pass the 10.0.101.0/24 subnet to the LAN so we can control access and routing with our firewall. The issue we are facing is that because Block Outside DNS is checked, Pritunl is force NAT’ing all traffic from that server to the HOST’s IP address instead of passing the subnet.
Is there any way to stop that, and just always send the server’s virtual network/subnet to the LAN?
Add 10.0.76.25/32 to the server routes with NAT disabled. You can also run sudo pritunl set vpn.dns_route false; this will disable the automatic DNS routes for all servers.
If the 0.0.0.0/0 route is added that will always use NAT.
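To sanity-check a route list before relying on firewall rules that key on the 10.0.101.0/24 source, here is a small audit script. It is an added example, not code from the original thread or from Pritunl: the Route class and the longest-prefix selection are a constructed simplification of how a route table is consulted, and the one Pritunl-specific rule it encodes is the one stated in the answer above, that a 0.0.0.0/0 route always uses NAT whatever its NAT flag says. The sample routes and addresses are the ones from the question.

```python
"""Audit which server route carries DNS traffic and whether the client
subnet survives un-NATed (constructed example; route model is a
simplification for illustration, not Pritunl's own API)."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Route:
    network: str   # CIDR as entered in the server's route list
    nat: bool      # the route's NAT setting


def select_route(routes: List[Route], dst: str) -> Optional[Route]:
    """Pick the most specific route covering dst (longest-prefix match)."""
    ip = ipaddress.ip_address(dst)
    best: Optional[Route] = None
    best_len = -1
    for r in routes:
        net = ipaddress.ip_network(r.network, strict=False)
        if ip in net and net.prefixlen > best_len:
            best, best_len = r, net.prefixlen
    return best


def traffic_is_natted(route: Route) -> bool:
    """A default route (prefix length 0) is always NATed, as the answer
    states, regardless of its NAT flag; other routes honour the flag."""
    net = ipaddress.ip_network(route.network, strict=False)
    if net.prefixlen == 0:
        return True
    return route.nat


def audit_dns(routes: List[Route], dns_ip: str, client_subnet: str) -> Dict[str, object]:
    """Report which route DNS traffic takes and what source the LAN will see."""
    route = select_route(routes, dns_ip)
    if route is None:
        return {"route": None, "natted": None, "source_seen_by_lan": None}
    natted = traffic_is_natted(route)
    return {
        "route": route.network,
        "natted": natted,
        # When NATed the LAN sees the VPN host address, not the client subnet.
        "source_seen_by_lan": "vpn host address" if natted else client_subnet,
    }


# Constructed sample data from the question: full tunnel, NAT disabled.
BEFORE = [Route("0.0.0.0/0", nat=False)]
# The answer's fix: a /32 for the DNS server with NAT disabled.
AFTER = BEFORE + [Route("10.0.76.25/32", nat=False)]
DNS_SERVER = "10.0.76.25"
CLIENT_SUBNET = "10.0.101.0/24"

if __name__ == "__main__":
    print("before:", audit_dns(BEFORE, DNS_SERVER, CLIENT_SUBNET))
    print("after: ", audit_dns(AFTER, DNS_SERVER, CLIENT_SUBNET))
```

Running it shows the "before" configuration routing DNS via 0.0.0.0/0 with NAT forced on, so the firewall in VLAN 76 only ever sees the VPN host's address; with the /32 added, the more specific route wins and the 10.0.101.0/24 source is preserved, which is what the firewall rules need to match on.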