AX86U - how to get Wireguard and Pihole working together

[camaro322hp]

Hello all. Question regarding Wireguard/Pihole.

I have a Pihole set up as my DNS server on my network. I set its IP as my DNS Server 1 on the LAN - DHCP Server tab. I am not advertising the router's IP in addition. It's working great for devices on my network.

I also have a Wireguard VPN Server configured on my AX86U so I can access my home network when I'm away. It's also working great.

However, I noticed that when I'm away and VPN'ed to my home, I don't have any ads blocked. It appears that the VPN connection is not using the router's DNS server.

Here is my Wireguard setup. Not sure what I should change here, if anything.

I noticed on the VPN peer config, there is a line that says:

DNS = 10.6.0.1

(but that does not appear to be configurable). My network is based on the 192.168.1.xxx subnet. Not sure where 10. is coming from, but I am a networking novice.

Anyone know what I need to do to get these working together? I am running ASUSWRT latest (22525)

 

[bbunge]

Use Diversion on the router. Uses the same block lists as Pi-Hole.

 

[camaro322hp]

Use Diversion on the router. Uses the same block lists as Pi-Hole.

I'm willing to try that, but wouldn't I end up with the same issue? I feel like the issue is with Wireguard not using the router's DNS server, so using a different DNS server on the router wouldn't change anything.

 

[Tech9]

VPN Servers use whatever is set in WAN for DNS servers. I was playing with 388_22525 recently, OpenVPN and Instant Guard - the same for both. You have to find a way to push DNS servers to your VPN Server clients, but I don't know how it works for WireGuard. Possible with OpenVPN Server.

 

[bbunge]

In your Wireguard exported config file you should be able to change the line "DNS = " to the address of the Pi-Hole

[Interface]
PrivateKey =
Address = 10.6.0.2/32
DNS = 192.168.1.5

Then import the file into the Wireguard client.

 

[camaro322hp]

In your Wireguard exported config file you should be able to change the line "DNS = " to the address of the Pi-Hole

[Interface]
PrivateKey =
Address = 10.6.0.2/32
DNS = 192.168.1.5

Then import the file into the Wireguard client.

Thanks, I'll give that a try.

 

[camaro322hp]

In your Wireguard exported config file you should be able to change the line "DNS = " to the address of the Pi-Hole

[Interface]
PrivateKey =
Address = 10.6.0.2/32
DNS = 192.168.1.5

Then import the file into the Wireguard client.

That worked, thank you for the suggestion @bbunge!

 

[bbunge]

That worked, thank you for the suggestion @bbunge!

Well, guess that is one for the old guy!
Glad it worked for you.