diff --git a/algo b/algo
index 1727abf..c24fe1e 100755
--- a/algo
+++ b/algo
@@ -19,7 +19,7 @@ read -p "
 Do you want to install a local DNS resolver to block ads while surfing?
 [y/N]: " -r dns_enabled
 dns_enabled=${dns_enabled:-n}
-if [[ "$dns_enabled" =~ ^(y|Y)$ ]]; then ROLES+=" dns"; fi
+if [[ "$dns_enabled" =~ ^(y|Y)$ ]]; then ROLES+=" dns"; EXTRA_VARS+=" local_dns=Y"; fi
 read -p "
 Do you want to use auditd for security monitoring (see config.cfg)?
diff --git a/config.cfg b/config.cfg
index c9cedd8..6db3c7e 100644
--- a/config.cfg
+++ b/config.cfg
@@ -27,10 +27,6 @@ vpn_network_ipv6: 'fd9d:bc11:4020::/48'
 server_name: "{{ ansible_ssh_host }}"
 IP_subject_alt_name: "{{ ansible_ssh_host }}"
-# Enable this variable if you want to use a local DNS resolver to block ads while surfing. (True or False)
-service_dns: True
-
-# If you don't want to use a local DNS resolver (option `service_dns`) you need to define DNS servers in this list.
 dns_servers:
 - 8.8.8.8
 - 8.8.4.4
diff --git a/roles/vpn/templates/ipsec.conf.j2 b/roles/vpn/templates/ipsec.conf.j2
index fa29458..2bd6ad1 100644
--- a/roles/vpn/templates/ipsec.conf.j2
+++ b/roles/vpn/templates/ipsec.conf.j2
@@ -17,7 +17,7 @@ conn %default
 right=%any
 rightauth=pubkey
 rightsourceip={{ vpn_network }},{{ vpn_network_ipv6 }}
-{% if service_dns is defined and service_dns == "Y" %}
+{% if local_dns is defined and local_dns == "Y" %}
 rightdns={{ local_service_ip }}
 {% else %}
 rightdns={% for host in dns_servers %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}
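Review bot: The new `EXTRA_VARS+=" local_dns=Y"` on the `dns_enabled` line in algo is undocumented, and with the `service_dns` comment removed from config.cfg nothing visible records what the variable controls or who reads it. The ipsec.conf.j2 template in this commit compares it against the literal string `"Y"`, so the value appended here has to stay exactly `Y`. A comment above the `if` would pin that, for example `# local_dns=Y is read by roles/vpn/templates/ipsec.conf.j2 to hand VPN clients the local resolver instead of dns_servers`. If the playbook can also be run without this script (not visible from the hunk), the dns role could be applied while clients are still pointed at the public `dns_servers`, which is worth stating in the same comment. `EXTRA_VARS` is initialised outside the hunk.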
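Review bot: The renamed test `local_dns == "Y"` in the `conn %default` block of ipsec.conf.j2 still falls through silently to the public resolvers. An unset variable or any other spelling (`y`, `yes`, `true`) renders `rightdns` from `dns_servers`, so client DNS queries leave the VPN host for 8.8.8.8/8.8.4.4 instead of `local_service_ip`, with no error at deploy time. Since the removed config.cfg entry used `True` while the template expected `"Y"`, this mismatch has happened before. A more tolerant condition would be `{% if local_dns is defined and (local_dns | string | lower) in ["y", "yes", "true"] %}`. Failing that, add a Jinja comment above the `if` noting that only the exact string `Y` selects the local resolver. The `conn %default` section starts and ends outside the hunk.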