1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

setting up on-board openvpn server w/pihole question

Discussion in 'Asuswrt-Merlin' started by Jumpstarter, Dec 9, 2019.

  1. Jumpstarter

    Jumpstarter Senior Member

    Joined:
    Apr 3, 2019
    Messages:
    269
    I have setup nat table rules to control the interface of the router VPN server
    piholes ip is "192.168.1.2"
    iptables -t nat -A PREROUTING -i tun21 -p udp --dport 53 -j DNAT --to 192.168.1.2
    iptables -t nat -A PREROUTING -i tun21 -p tcp --dport 53 -j DNAT --to 192.168.1.2
    iptables -t nat -A PREROUTING -i tun22 -p udp --dport 53 -j DNAT --to 192.168.1.2
    iptables -t nat -A PREROUTING -i tun22 -p tcp --dport 53 -j DNAT --to 192.168.1.2


    Also, I have setup push "dhcp-option DNS 192.168.1.2" inside the server settings.
    I did not want to manipulate connect to DNS automatically option. left it at default Yes
    Are there any options i need to consider for conditional forwarding and reverse lookup?


    EDIT:
    Decided to switch to
    Code:
    iptables -t nat -A PREROUTING -i tun21 -p udp ! --source 192.168.1.2 ! --destination 192.168.1.2 --dport 53 -j DNAT --to 192.168.1.2
    iptables -t nat -A PREROUTING -i tun21 -p tcp ! --source 192.168.1.2 ! --destination 192.168.1.2 --dport 53 -j DNAT --to 192.168.1.2
    iptables -t nat -A PREROUTING -i tun22 -p udp ! --source 192.168.1.2 ! --destination 192.168.1.2 --dport 53 -j DNAT --to 192.168.1.2
    iptables -t nat -A PREROUTING -i tun22 -p tcp ! --source 192.168.1.2 ! --destination 192.168.1.2 --dport 53 -j DNAT --to 192.168.1.2
    
     
    Last edited: Dec 10, 2019