DNS with Instant Guard

Sonofdavidsfather

Occasional Visitor
If you are using Instant Guard, while away from your home network, will your DNS requests use the DNS server specified in your routers LAN settings?

The reason I ask is because I use PiHole on my home network, but I see a lot of ads when using Instant Guard. I am not seeing my phone in the PiHole logs when I am using Instant Guard. I have DNSFilter on the router set to "Router". So I would think even when connected using the Instant Guard VPN to my home network that all of my DNS requests should be routed to PiHole.
 

bbunge

Part of the Furniture
You may be better off to use OpenVPN and set the client to respond to DNS.
I, too, use a Pi-Hole but for Malware/Scam sites, not adds. I also have Stubby set up on the Pi to use DoT/DNSSEC
 
Last edited:

SomeWhereOverTheRainBow

Part of the Furniture
If you are using Instant Guard, while away from your home network, will your DNS requests use the DNS server specified in your routers LAN settings?

The reason I ask is because I use PiHole on my home network, but I see a lot of ads when using Instant Guard. I am not seeing my phone in the PiHole logs when I am using Instant Guard. I have DNSFilter on the router set to "Router". So I would think even when connected using the Instant Guard VPN to my home network that all of my DNS requests should be routed to PiHole.
Yea instant guard does not prevent traffic leaks via ipv6 or dns. It explains why you are seeing ads, you would be better off using the basic manually configured ipsec server or using openvpn. Alternatively, you may need to make sure the ipsec server is pointed to use your pihole for dns, this also controls what dns Instant Guard uses.
 

Sonofdavidsfather

Occasional Visitor
Yea instant guard does not prevent traffic leaks via ipv6 or dns. It explains why you are seeing ads, you would be better off using the basic manually configured ipsec server or using openvpn. Alternatively, you may need to make sure the ipsec server is pointed to use your pihole for dns, this also controls what dns Instant Guard uses.
Thanks for the info.
 

Sonofdavidsfather

Occasional Visitor
Yea instant guard does not prevent traffic leaks via ipv6 or dns. It explains why you are seeing ads, you would be better off using the basic manually configured ipsec server or using openvpn. Alternatively, you may need to make sure the ipsec server is pointed to use your pihole for dns, this also controls what dns Instant Guard uses.

I just set the ipsec server to point DNS to my PiHole, disconnected from wifi, connected the InstantGuard VPN connection, then did an adguard test. The problem is solved. Thanks for getting me pointed in the right direction.

So if anyone else runs across this in the future, login to your router, go to the VPN tab on the left, then the VPN server tab at the top, then ipsec server at the top right. Now change the VPN Details from General to Advanced. Put your preferred DNS server in the DNS server 1 field and click Apply. After that I tested and it is blocking ads over Instant Guard. I went ahead and turned the ipsec VPN server off after that, and it looks like it is still work as well. So I guess you just have to set the DNS server and apply for it to make the change over Instant Guard as well, even if you turn the ipsec server back off.
 
Last edited:

SomeWhereOverTheRainBow

Part of the Furniture
I just set the ipsec server to point DNS to my PiHole, disconnected from wifi, connected the InstantGuard VPN connection, then did an adguard test. The problem is solved. Thanks for getting me pointed in the right direction.

So if anyone else runs across this in the future, login to your router, go to the VPN tab on the left, then the VPN server tab at the top, then ipsec server at the top right. Now change the VPN Details from General to Advanced. Put your preferred DNS server in the DNS server 1 field and click Apply. After that I tested and it is blocking ads over Instant Guard. I went ahead and turned the ipsec VPN server off after that, and it looks like it is still work as well. So I guess you just have to set the DNS server and apply for it to make the change over Instant Guard as well, even if you turn the ipsec server back off.
unfortunately, i have to do the IPSEC server route versus the Instant Guard route because the instant guard method does not prevent the IPV6 addresses of my cellular wireless client from leaking. The DNS works, but the IPleak.net reports the ipv6 address of my wireless device, while it also reports the ipv4 address of my router gateway.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top