If you use the WireGuard macOS app with your VPNs, you will notice that your custom DNS entries are not set at the system level.
You can manually edit Network Preferences -> Wi-Fi -> Advanced -> DNS and add your DNS server, but that will cause DNS errors if your VPN drops while your system DNS still points to the WireGuard DNS instance.
A workaround is to add a PostDown option to your WireGuard config:
The WireGuard GUI does not read the PostUp and PostDown options, so you will have to run your WireGuard commands from the command line.
Solution: Use the CLI
First, install the tools:
brew install wireguard-tools wireguard-go
Then, save your config to the folder:
Finally, launch your VPN - using the same name as the
sudo wg-quick up myvpn
You can set up an alias with
alias vpnup='sudo wg-quick up myvpn'
If you don't want to enter your password each time, simply run sudo visudo -f /private/etc/sudoers.d/wireguard and paste the following contents, replacing myuser with your username.
myuser ALL = (root) NOPASSWD: /usr/local/bin/wg-quick
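wg-quick runs the PreUp/PostUp/PreDown/PostDown commands from a config as root, so with the NOPASSWD rule above anyone who can edit the config (or replace it in its directory) can run commands as root without a password. The script below is an added example, not part of the original post: it lists the hooks in a config and checks that the file and its directory are owned by the expected user and not group- or world-writable. The function names, the sample config and its DNS address are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. wg-quick executes the
# PreUp/PostUp/PreDown/PostDown commands in a config as root, so a config
# a non-root user can edit lets that user run commands as root via sudo.

# Print the hook lines wg-quick would run (it matches keys case-insensitively).
list_hooks() {
    grep -iE '^[[:space:]]*(PreUp|PostUp|PreDown|PostDown)[[:space:]]*=' "$1"
}

# True if path $1 is owned by uid $2 and has no group/other write bit.
path_is_locked() {
    owner_uid=$(ls -ldn "$1" | awk '{print $3}')
    [ "$owner_uid" = "$2" ] || return 1
    # find prints the path only when a group or other write bit is set
    loose=$(find "$1" -prune \( -perm -020 -o -perm -002 \))
    [ -z "$loose" ]
}

# True if the config AND its directory are locked (a writable directory
# lets the file be replaced). Expected owner defaults to root (uid 0).
conf_is_locked_down() {
    [ -f "$1" ] || return 2
    path_is_locked "$1" "${2:-0}" && path_is_locked "$(dirname "$1")" "${2:-0}"
}

# Report for one config; returns non-zero when it is not locked down.
audit_conf() {
    echo "Hooks that run as root from $1:"
    list_hooks "$1" || echo "  (none)"
    if conf_is_locked_down "$1" "${2:-0}"; then
        echo "OK: config and directory owned by uid ${2:-0}, not group/world-writable"
    else
        echo "WARN: config or directory has the wrong owner or is group/world-writable"
        return 1
    fi
}

# Constructed sample config (placeholder key, hypothetical DNS address).
write_sample_conf() {
    cat > "$1" <<'EOF'
[Interface]
PrivateKey = <placeholder>
Address = 10.0.0.2/32
PostUp = networksetup -setdnsservers Wi-Fi 10.0.0.1
PostDown = networksetup -setdnsservers Wi-Fi Empty
EOF
}
```

Source the script and run audit_conf with the path to your own config; a WARN result means the passwordless rule is effectively passwordless root for that user. Because wg-quick also accepts a path to a config file, a sudoers entry that lists /usr/local/bin/wg-quick up myvpn and /usr/local/bin/wg-quick down myvpn explicitly, instead of the bare binary, narrows the rule to that one config.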