How do you prevent DNS Leakage in pfSense from WAN to VPN

So I have pfSense set up for PIA VPN, and if I don't specify an IP address in General Setup for the wan_ppoe, it will work for a while, then pfSense loses its routes and I no longer have PIA working.

So if I set an IP of 1.1.1.1 for wan_ppoe, the internet is back up, but I find WAN 1.1.1.1 leaks over to the PIA VPN side; when I do ipleak I get Cloudflare.

The DHCP server points all to 192.168.0.1, but I want the WAN to stay in its lane and not veer into the VPN lane, and vice versa, as I have on the LAN 192.168.0.x a range of IPs that use the VPN and a range that uses the WAN. But I can't stop the leaking, and I even have a no_wan_egress, but that doesn't stop the DNS coming over to the VPN side.

Has anyone done this? I tried googling but I couldn't find the help I wanted or a video.

I assume the 1.1.1.1 is an example IP because this IP belongs to Cloudflare.

@xMAXIMUSx thanks, I'll check out the video.

@pavlos yes, I use 1.1.1.1 for wan_ppoe under General Setup and I use PIA DNS 10.0.0.243 for the VPN, but then I changed the 1.1.1.1 to the NordVPN DNS IP for the time being, as I found if I don't have an IP my internet works for a while and then pfSense loses its DNS resolving capabilities.

But I'll check out the video; hopefully it helps me.

Another interesting DNS service is offered by Mullvad VPN.

@xMAXIMUSx so I tried that setup; his setup still leaks DNS out CIRA servers.

What's weird is he doesn't set up DNS Resolver, and I can get Datacamp servers to go out the WAN clients, but VPN clients get the CIRA servers.

It's not working right, and PIA customer service can't help; they don't know anything about pfSense and tell you to look for help on the forums.

Vicious circle.

Are there any other steps? As that video leaks your ISP on the VPN, are there any other settings I can do?

It stops VPN traffic going out the WAN, but it doesn't stop WAN DNS ISP Cloudflare from going out the VPN.