Block ads while using VPN for privacy?

ianman · October 20, 2020, 8:16pm

I am using a VPN service on my iphone to provide privacy on the web and understand that the VPN connection handles DNS query's (as is the design of the service for "anonymity") but in doing so allows ads because of the encrypted tunnel to the VPN server handles the DNS query's and subsequently allows the ads because it doesn't have a host file or anything to block the ads.

Now when using Pi Hole ads can be blocked through it's DNS service that your router is using but your ISP can still see every place you visit and any unsecured (like http) information openly as it travels through your modem gateway.

I am looking for both the anonymity of a VPN service with the ad blocking of Pi Hole at least while I am on my WiFi. I did find a short "NO" answer here ( Block vpn apps on ios and android to use other dns then pihole dns ) but I have set my iPhone to use my Pi Hole as its DNS service in my WiFi network settings (via manual DNS) so as I understand how it "should" work is I submit a query which should go to my Pi Hole and if the answer is there in DNS then the loopback is created and resolved and if the DNS query isn't in the Pi Hole table then it goes out to the internet via my VPN service connection and resolves the DNS query. Apparently this isn't the way it works because the ads aren't getting blocked but has anyone found a clever workaround to make this work?

Surely we should be able to have the privacy of a VPN service with the ad blocking of Pi Hole?

Another odd thing is I have set my Pi Hole as my DHCP server but I am still unable to resolve my local domain of http://pi.hole/admin (I have to access via IP address)? Not huge but don't understand why when Pi Hole is handling DHCP.

Thanks for any help that you can!!

Bucking_Horn · October 20, 2020, 8:38pm

No.
Once (and if) the query is off to Pi-hole, Pi-hole will forward allowed DNS queries upstream, and the machine that Pi-hole runs on will be subject to normal routing in your network.

That means your DNS requests will leak outside the VPN tunnel, which only exists between your iPhone and your VPN provider.

A solution for your home network would be to use your router as a transparent VPN gateway (if your router supports it), or to setup such a dedicated VPN gateway in your network.

When away from home, you could keep your VPN connection to your VPN provider on your iPhone, without using Pi-hole's filtering.

Alternatively, to use your Pi-hole's filtering, you could setup a VPN server at home that would allow you to connect to your home network through your iPhone, i.e. your iPhone uses your home VPN server as VPN provider.
Again, it's possible your router can take this role, or you'd need to install a dedicated server.

A home VPN server would not eliminate the need of a VPN service in your case.
You'd need both for your aspired solution.

7e4bd47cb150e9685360 · October 20, 2020, 10:17pm

I was in the same position, have the benefit of blocking ads with Pihole but lose the privacy of the VPN or vice versa. My solution is to use AdGuard Pro on my iPhone, it can subscribe to many of the same block lists as Pihole, and since the iPhone allows for dual VPN you get the local DNS filtering and the benefit of the VPN for privacy.

system · November 10, 2020, 10:17pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.