So I moved into a new place with my fiance and we have a ZenWifi Pro E12 for our home router.
I was wanting to protect our network, be able to access devices at home with Wireguard and use the ad-block VPN we've configured remotely.
AsusWRT on the router supports having a Wireguard VPN, but there's a few questions I have.
I'd rather have the Pi-Hole device to be to main Wireguard "server".
I believe this is doable with this "VPN Fusion" feature and getting the client configuration from the Pi-Hole device, but I just want to verify. I'd want to do this as I'm unsure of how to access the Wireguard configuration files on the Asus router, and it limits what I can do with Wireguard as well.
What's your preferred or most secure or privacy-focused DDNS provider?
I know to use the Pi-Hole's block and VPN you need to have a DDNS.
Has anyone tried doing UDP-over-TCP with their Wireguard server?
I've seen several programs that supposedly let you do this, but I'm unsure of it's viability.
I just posted about an extremely similar setup/issue!
I can tell you this-
I set up my VPS using the "VPN Fusion" feature of ASUSWRT, to put my entire home LAN behind the VPN.
It works well...except I have to choose between excluding my PiHole from the VPN, OR not get Pihole ad-blocking on my mobile phone when I'm away from home.
My phone simply will not connect to a Pihole WG server that is behind a VPN network at the router level.
As you said, in my setup, the PiHole is the WireGuard server, and I'd prefer it stays like that.
The limiting factor for me, it appears, is that no matter how I configure things, it's not possible to have my PiHole behind a LAN-wide VPS in addition to being able to tunnel into the Pihole when I'm remote. I suspect my VPN service provider does not allow it...
I did a fair amount of research and ended up going with NOIP for DDNS, as I am extremely privacy-focused, and it works very well with minimal-to-none personal info and 2 minutes total to setup.
I wish you luck, and please let me know if I can be of any more assistance-- we are in the same boat more or less. I've poured over various potential configurations ad nauseum, with no luck yet.
1 - Agreed. I am trying to get everything perfect working with the VPN fusion feature. Not quite there yet.
2-NOIP
3-No
4-if you are not running a VPS at the router level, use PiVPN on your PiHole as a Wireguard Server. You can then tunnel into your Pihole from any peer you choose (iPhone, MacBook, etc).
I tried each and every step, and no dice...I believe that my VPN provider (or any VPN service) does not support this.
If you think about it, I am away from home, trying to tunnel into a raspberry pi that has an external IP address that is provided by Mullvad. The VPN service only works outbound from my home LAN; not inbound. I even have DDNS and that only works when my Pihole is NOT behind the router's VPN, for obvious reasons.
That is my understanding of the situation. I spoke to customer service from both Mullvad and another VPN, and they both said "we don't support this."
I always figured I could sort out some workaround, but after a month, I think it's over.
My dream setup is dead
I very much appreciate your help, SeƱor Stewart. Thank you.