Wireguard to PiHole setup

[Ellenswamy]

Hey all,

I have 2 PiHoles setup and working forever on my local network, no issues there. I am trying to set Wireguard in Merlin to work with my Pihole when I am away. I have the piholes set to "permit all organs" I see the blue dot when I connect to wireguard in the Asus webpage\VPN. But it looks like I am not getting any DNS, is there something I am doing wrong?

Update: If I allow all IP's instead of trying to setup split tunnel, it works but it goes through the WAN DNS settings and not my piholes. I tried to set it going to to my Pihole's and dns again does not work.

 

[bennor]

Did you configure the Wireguard DNS Server (Optional) field for the Pi-Hole IP address?
A earlier discussion on Pi-Hole and Wireguard.

Pi-Hole + Asus WRT Wireguard

Hey y'all I got a Pi-Hole setup on my network catching all LAN/WAN DNS queries however, my issue is that it's not catching Wireguard queries from my Asus router. I tried setting up PiVPN on my RPi however, for this to work my RPi must not be routed through a VPN tunnel and must have the WAN IP...

www.snbforums.com

PS: And over on the Pi-Hole discord...

AsusWRT + Wireguard + Pi-Hole Guide/Suggestions?

Hey friends! So I moved into a new place with my fiance and we have a ZenWifi Pro E12 for our home router. I was wanting to protect our network, be able to access devices at home with Wireguard and use the ad-block VPN we've configured remotely. AsusWRT on the router supports having a...

discourse.pi-hole.net

 

[Some1]

You need to make sure you're pointing to your local DNS IP (the Pi-hole) in your VPN settings on the Asus router. Additionally, you should also set the DNS IP to your Pi-hole in the WireGuard app on your client device.

This way, when you're connected via WireGuard, all DNS queries will go through your Pi-hole just like when you're at home.

 

[Ellenswamy]

Did you configure the Wireguard DNS Server (Optional) field for the Pi-Hole IP address?
A earlier discussion on Pi-Hole and Wireguard.

Pi-Hole + Asus WRT Wireguard

Hey y'all I got a Pi-Hole setup on my network catching all LAN/WAN DNS queries however, my issue is that it's not catching Wireguard queries from my Asus router. I tried setting up PiVPN on my RPi however, for this to work my RPi must not be routed through a VPN tunnel and must have the WAN IP...

www.snbforums.com

PS: And over on the Pi-Hole discord...

AsusWRT + Wireguard + Pi-Hole Guide/Suggestions?

Hey friends! So I moved into a new place with my fiance and we have a ZenWifi Pro E12 for our home router. I was wanting to protect our network, be able to access devices at home with Wireguard and use the ad-block VPN we've configured remotely. AsusWRT on the router supports having a...

discourse.pi-hole.net

I saw that right before I posted and not sure how to setup the forward from Wireguard in Merlin to my Pihole's . I setup IP forwarding on my rpi's. I believe the issue is coming in from VPN is not making its way to my Pihole's so I am not getting DNS.

 

[Ellenswamy]

You need to make sure you're pointing to your local DNS IP (the Pi-hole) in your VPN settings on the Asus router. Additionally, you should also set the DNS IP to your Pi-hole in the WireGuard app on your client device.

This way, when you're connected via WireGuard, all DNS queries will go through your Pi-hole just like when you're at home.

How do you do this? I'm the allowed IP's? I currently have it set to 0.0.0.0/0, ::0/0 and Wireguard works but goes through any WAN DNS and not my piholes's

 

[Some1]

On your Wireguard client config file add a line with DNS settings.
example:

[Interface]
address = 10.0.0.1/24
PrivateKey = somePrivateKey
DNS = 192.168.0.25 <-- whatever ip you have on your pi-hole

 

[Ellenswamy]

On your Wireguard client config file add a line with DNS settings.
example:

[Interface]
address = 10.0.0.1/24
PrivateKey = somePrivateKey
DNS = 192.168.0.25 <-- whatever ip you have on your pi-hole

so export the file from the web page and than edit it? is that what you mean? if that is the case I feel silly haha

 

[Some1]

"I am trying to set Wireguard in Merlin to work with my Pihole when I am away. I see the blue dot when I connect to wireguard in the Asus webpage\VPN"

That sounds like you already have an config file. just add a line in that file (notepad will do) and put in DNS = 192.168.0.25 <-- whatever ip you have on your pi-hole

 

[Ellenswamy]

"I am trying to set Wireguard in Merlin to work with my Pihole when I am away. I see the blue dot when I connect to wireguard in the Asus webpage\VPN"

That sounds like you already have an config file. just add a line in that file (notepad will do) and put in DNS = 192.168.0.25 <-- whatever ip you have on your pi-hole

tried that and it still didn't work. Not sure what I am missing

 

[bbunge]

tried that and it still didn't work. Not sure what I am missing

You have to edit the DNS settings in the Wireguard client.
For example, in the Wireguard client in iOS there is a ">" to the right of the slider that enables the connection. Touch the ">" and you get a Settings page where you can select Edit. In the DNS Servers space is the default 10.6.0.1 which you can change to the IP address of your Pi-Hole such as 192.168.50.3. Be sure to Save the settings!
I have done this on iOS, Android and Windows 11 and it works!

Edit: Here is a screen shot of where to edit the WIndows Wireguard client: