With pfSense 2.5.2 I decided to switch from OpenVPN to WireGuard for my on-router VPN. In my old setup I had the outgoing interface in the DNS Resolver set to my OpenVPN interface. This ensured no DNS leaks when making requests to authoritative servers.
I have set up the WireGuard tunnel without issue, assigned an interface with a static IP, and added a new upstream gateway for the WireGuard interface. My firewall rule routes everything from LAN net to the new WireGuard gateway, and this works perfectly.
My issue is that when I set the DNS Resolver outbound interface to the WireGuard interface, I lose DNS resolution.
I believe the issue comes from my NAT configuration or maybe a firewall rule. Do I need to add a rule of some sort to allow the WireGuard tunnel to make DNS requests?
Edit: Using the WireGuard interface seems to work intermittently; I have gotten onto a DNS leak test and had it return my VPN IP... It feels like the NAT is getting confused somehow?
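One way to check for the intermittent leak described above, as an added example that is not part of the original post: capture outbound DNS queries on the router and flag any whose source address is not the tunnel address. The capture lines below are constructed in tcpdump's output format, and the tunnel address `10.8.0.2` is an assumed placeholder, not a value from the post.

```shell
#!/bin/sh
# Added example (not from the original post): given tcpdump-style lines of
# outbound DNS queries captured on the router, report queries whose source
# address is not the expected WireGuard tunnel address.
# TUNNEL_IP is an assumed, constructed value; replace it with the real tunnel IP.

TUNNEL_IP="10.8.0.2"

# Constructed sample capture, in the "IP src.port > dst.53: ..." form tcpdump -n prints.
# Two queries leave from a non-tunnel address (203.0.113.5) and would be leaks.
SAMPLE_CAPTURE='IP 10.8.0.2.51234 > 198.51.100.10.53: 12345+ A? example.com.
IP 203.0.113.5.41977 > 198.51.100.10.53: 12346+ AAAA? example.com.
IP 10.8.0.2.51235 > 192.0.2.33.53: 12347+ A? example.org.
IP 203.0.113.5.41978 > 192.0.2.33.53: 12348+ A? example.net.'

# dns_leaks: read capture lines on stdin and print the source IP of every
# query to UDP/TCP port 53 that did not originate from the address in $1.
dns_leaks() {
    expected="$1"
    awk -v want="$expected" '
        $1 == "IP" && $3 == ">" && $4 ~ /\.53:$/ {
            src = $2
            sub(/\.[0-9]+$/, "", src)      # strip the source port
            if (src != want) print src
        }'
}

# count_leaks: number of leaked queries in the constructed sample.
count_leaks() {
    printf '%s\n' "$SAMPLE_CAPTURE" | dns_leaks "$TUNNEL_IP" | wc -l | tr -d ' '
}

# Stand-alone run: list the leaking source addresses from the sample.
printf '%s\n' "$SAMPLE_CAPTURE" | dns_leaks "$TUNNEL_IP"
```

On a live router, feed the function from `tcpdump -n -i <interface> port 53` instead of the sample. Run it against the tunnel interface to confirm resolver queries carry the tunnel address; run it against the WAN interface, where any plaintext port-53 query at all means the resolver bypassed the tunnel, which is the symptom the NAT or policy-routing rules would need to explain.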