DNS issue with VPN subnet (Lab Net works fine)

[Aebian]

Sorry for the title, didn't know what would be the best fit for this.

 

I get right into my question:

I have a VPN server listening on 10.145.30.2 (10.145.30.0/24)

I have a Lab-Server listening ob 10.145.50.6 (10.145.50.0/24)

 

I have my DNS (Domain Controllers) on 10.0.0.3 & 10.0.0.4. Both the VPN Server and the Lab Server can freely access the DNS and a nslookup works indefinitely fine (both NETs are allowed via Firewall).

 

Now here is the mysterious problem:

When my friend connects via VPN to my VPN-Net and gets a 10.145.30.x IP, then after some seconds his nslookup requests fail and the DNS server gets listed as UnKoWn instead of the actual dns-name.

He does a nslookup to the LAB-Server.

 

---> All Traffic is passed through my net, once connected and authenticated via RADIUS.

However the VPN-Server itself has no problems with DNS and nslookups at that time.

If I change the Subnet (the VPN-Server can assign IPs from to the client) to the Lab Net (10.145.50.x) then everything works fine indefinitely . Just not with the VPN-Net.

 

LAB Net is VLAN50

VPN is VLAN30

 

Apparently my firewall settings for the VPN Net are now identical with the ones from the LAB net. So I can rule out a FW issue here.

Is there anything else I can check?

Friends CMD (when connected to VPN):

https://gitlab.com/openconnect/ocserv/uploads/c7d66e008050c4617afa340a29ac7ef5/image.png

 

My CMD:

https://gitlab.com/openconnect/ocserv/uploads/630a0bc305663821f700c055ab650d5a/image.png

 

VPN-Server software used is ocserv on Debian. Works well except from the issue above.

I already opened an issue at their gitlab but it got immediately closed stating it's a client issue...

 

ocserv gitlab issue I created if that could be of any help: https://gitlab.com/openconnect/ocserv/-/issues/395

[Aebian]

Haven't found a solution yet. It's a miracle. 

If someone came across this issue and found a solution I love to hear it.