I just received my Firewalla purple box and I am new to the secure network setup.
I'm trying to understand if DNS queries are done with VPN server origin or from the Firewalla box. Could you please help with some additional details?
I have the following setup:
- Firewalla Purple, router mode
- 3rd party VPN configured, Force DNS over VPN off (Ad Block) - apply to group1
- Lan network -> IPv6 off (VPN supports only v4)
- Ad Block enabled, strict - all devices
- DoH (DNS over HTTPS), all out of the box DNS servers on - apply to group1
Testing done from device in group1 (VPN applied):
1. Check flows for group1 - I could not find DNS queries logged in flows. Are there any logs for DNS queries?
2. Validate IP (what is my ip or similar service) - All good, VPN IP
3. Validate DNS leak (https://www.dnsleaktest.com/) - VPN IP, standard test with configured FW DNS servers.
The question is: Who is doing the DNS query (FW or VPN server)?
Please sign in to leave a comment.