What's pfsense OpenVPN Speed difference between AES-CBC and AES-GCM? 128 VS 256?

Great video!

I have followed the takeaways from it and am seeing an issue.
Here is my configuration: https://snipboard.io/kaZ3Sd.jpg

When I select AES-256-GCM (with hope to improve speed a bit), my iPhone client stops resolving DNS names.

Why? How is it related?


Not sure about the DNS, but I don’t use a VPN on an iPhone (nor do many of my clients have one on theirs).

If you are using OpenVPN as a means of remote access (not a site-to-site tunnel), consider this:

There are settings for redirecting all traffic to the VPN site.
There are settings to force DNS onto the device.
If your pfSense installation has a network like 192.168.1.X or 192.168.0.X, change it.

If you’re on a guest Wi-Fi with the same addressing as a network inside or across the VPN tunnel, the packets may not go across the VPN.

I am pushing DNS from my OpenVPN server to clients as you mentioned already.
My wired network is 192.168.90.x and my Wi-Fi network is 192.168.70.x.
Wi-Fi can connect to the wired network only via an OpenVPN connection.

Now I don’t change anything, only 256-CBC to 256-GCM.
When on 256-GCM, there is no name resolution, local or external.
Very odd …