Unable to use Pritunl Internal DNS Proxy

Hi, I have an Enterprise edition self-hosted Pritunl server which uses the AWS Route 53 resolver as its DNS host (at VPC + 2 IPv4). The VPC CIDR is 192.168.0.0/16.
I have some users whose internal network/router CIDRs conflicted with the Route 53 resolver's static IP, causing their DNS resolution to fail. To mitigate this I decided to enable the VPN Client DNS Mapping option; however, that just causes all DNS resolution to fail and the VPN stops working. From the network traceroute I could see that resolver #1, when the VPN Client DNS Mapping option was off, was just the IPv4 address of the Route 53 resolver; however, when enabled, resolver #1 changed to the first IP of the virtual network CIDR defined in the Pritunl server (which I guess isn't a DNS server, hence the queries failing).

For context, my server settings are default with just DNS routing enabled and the Route 53 route being NATed to 192.168.0.2/32 in the Pritunl server. It just stops working when I enable VPN Client DNS Mapping, which I had hoped would solve the issue of some of my users having conflicting IPs, since it would first proxy to the Pritunl server instead of Route 53 directly.

Run sudo netstat -tulpn to verify the pritunl-dns process is binding to the DNS port. Also run sudo systemctl status pritunl-dns to check for errors. The most common issue is that systemd-resolved is running, which binds to the DNS port and prevents pritunl-dns from using it. If it is, add the option below to /etc/systemd/resolved.conf (sudo nano /etc/systemd/resolved.conf), then run sudo systemctl restart systemd-resolved.

[Resolve]
DNSStubListener=no
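The port check from the reply above, written out as an added example that is not part of the thread or of Pritunl itself: it parses `ss -tulpn` output (constructed sample lines, with `ss` standing in for `netstat`) to report which process holds port 53, and verifies that a resolved.conf file actually carries `DNSStubListener=no` under `[Resolve]`.

```shell
#!/bin/sh
# Added example, not from the thread: find which process holds port 53 in
# `ss -tulpn` output and check whether resolved.conf disables the stub listener.
# `ss` is the modern equivalent of the `netstat -tulpn` suggested in the reply.

# Constructed sample showing the conflict the reply describes:
# systemd-resolved's stub listener owns 127.0.0.53:53, so pritunl-dns cannot bind.
SAMPLE_CONFLICT='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=12))
tcp   LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=612,fd=13))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=900,fd=3))'

# Constructed sample of a healthy host: pritunl-dns holds the port.
SAMPLE_OK='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      0.0.0.0:53         0.0.0.0:*         users:(("pritunl-dns",pid=1200,fd=5))
tcp   LISTEN 0      4096   0.0.0.0:53         0.0.0.0:*         users:(("pritunl-dns",pid=1200,fd=6))'

# port53_owners: read ss output on stdin, print unique process names bound to :53.
port53_owners() {
  awk '$5 ~ /:53$/ && match($0, /\("[^"]+"/) { print substr($0, RSTART + 2, RLENGTH - 3) }' | sort -u
}

# stub_listener_disabled: succeed if file $1 has DNSStubListener=no under [Resolve]
# (whitespace around "=" is ignored; commented-out lines do not count).
stub_listener_disabled() {
  awk -F= '{ gsub(/[[:space:]]/, "") }
           /^\[/ { sec = $1 }
           sec == "[Resolve]" && $1 == "DNSStubListener" && $2 == "no" { found = 1 }
           END { exit !found }' "$1"
}

# diagnose: classify the ss output passed as $1. Returns 0 when pritunl-dns owns
# port 53, 1 when systemd-resolved holds it, 2 when nothing listens on it at all.
diagnose() {
  owners=$(printf '%s\n' "$1" | port53_owners)
  case "$owners" in
    *systemd-resolve*) echo "conflict: systemd-resolved holds port 53; set DNSStubListener=no in /etc/systemd/resolved.conf"; return 1 ;;
    *pritunl-dns*)     echo "ok: pritunl-dns holds port 53"; return 0 ;;
    *)                 echo "warning: no listener on port 53; check systemctl status pritunl-dns"; return 2 ;;
  esac
}

diagnose "$SAMPLE_CONFLICT" || true   # prints the conflict message, exit status 1
diagnose "$SAMPLE_OK"
```

On a live host, replace the samples with `sudo ss -tulpn` output and point stub_listener_disabled at /etc/systemd/resolved.conf.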

Thanks @zach, this solved my issue