Setting up a cloud instance with WireGuard VPN & Pihole (help)


gil80

Hi everyone,

Looking for someone who successfully set up an Oracle cloud instance with Pihole and WireGuard VPN.
I've read and followed every guide I could find online, however, they only work to a certain point. When I try to use Oracle cloud with WireGuard as a split VPN where only the DNS traffic goes through WireGuard, I can't access the internet.

As I'm not a Linux expert, I tried my best in the last 5 days to troubleshoot firewall rules and figure out why full tunnel works but not split tunnel.
Using my local network configuration at home, split-tunnel with Wireguard works well.

Appreciate it if someone could help out.
  1. Installed an Oracle instance with Pihole and Wireguard.
  2. Full tunnel works with WG DNS server = 1.1.1.1.
  3. Split tunnel doesn't work.
The private IP of the Oracle instance is 10.0.0.3. That's also Pihole's IP.


WireGuard server = 10.0.1.1

interface: wg0 (I removed keys entries)

Code:
[interface]
private key: (hidden)
Address = 10.0.1.1/24
listening port: 51820
PostUp   = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

### begin iphone8 ###
[Peer]
PublicKey = (key)
PresharedKey = (key)
AllowedIPs = 10.0.1.2/32
### end iphone8 ###

Client (I removed keys entries)
Code:
[interface]
Address = 10.0.1.2/24
DNS servers = 10.0.0.3
[peer]
Endpoint = public IP:51820
Allowed IPs = 10.0.0.3/32
This split tunnel setup doesn't work. I cannot even ping my client at 10.0.1.2.

If I set:
Code:
DNS servers = 1.1.1.1
Allowed IPs = 0.0.0.0/32
IT WORKS. But that's full tunnel.

#: cat /etc/resolv.conf
Code:
# Generated by dhcpcd from ens3.dhcp
nameserver 127.0.0.1
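
A consistency check over the two configs in the post, as an added example that is not part of the original post: it compares each side's addresses against the other side's AllowedIPs and compares the MASQUERADE output interface against the host's interface name. The configs are re-typed in wg-quick syntax as constructed samples, and the function names and the use of `ens3` (the interface named in the resolv.conf comment) as the host interface are assumptions.

```python
import ipaddress
import re
# Constructed samples: the post's values re-typed in wg-quick syntax (an assumption).
SERVER_CONF = """
[Interface]
Address = 10.0.1.1/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[Peer]
AllowedIPs = 10.0.1.2/32
"""
CLIENT_CONF = """
[Interface]
Address = 10.0.1.2/24
DNS = 10.0.0.3
[Peer]
AllowedIPs = 10.0.0.3/32
"""

def parse(conf):  # "Key = value" lines -> {key: [values]}, comma lists split
    out = {}
    for line in conf.splitlines():
        key, sep, val = line.partition("=")
        key = key.strip().lower()
        if sep and not key.startswith("#"):
            vals = [val.strip()] if key.startswith("post") else [v.strip() for v in val.split(",")]
            out.setdefault(key, []).extend(vals)
    return out

def covered(ip, cidrs):
    addr = ipaddress.ip_interface(ip).ip
    return any(addr in ipaddress.ip_network(c, strict=False) for c in cidrs)

def check_split_tunnel(server_conf, client_conf, wan_iface):
    # wan_iface: the host's outbound interface name, supplied by the caller.
    srv, cli = parse(server_conf), parse(client_conf)
    findings = []
    for dns in cli.get("dns", []):
        if not covered(dns, cli["allowedips"]):
            findings.append(f"client DNS {dns} is not routed into the tunnel")
    for addr in cli["address"]:
        if not covered(addr, srv["allowedips"]):
            findings.append(f"server peer AllowedIPs does not admit {addr}")
    for addr in srv["address"]:
        if not covered(addr, cli["allowedips"]):
            findings.append(f"client does not route server tunnel IP {addr}")
    for iface in re.findall(r"-o (\S+) -j MASQUERADE", " ".join(srv.get("postup", []))):
        if iface != wan_iface:
            findings.append(f"MASQUERADE uses {iface}, host interface is {wan_iface}")
    return findings
```

Calling `check_split_tunnel(SERVER_CONF, CLIENT_CONF, "ens3")` returns two findings for these samples; on a real host, take the interface name from `ip route show default` rather than assuming it.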
 