Bridged AP (RaspAP) + PiHole breaking once PiVPN gets thrown into the mix

Desired Behavior

I'm running a Pi 4, and trying to use it (1) as an AP to extend my home network and (2) as a PiHole that adblocks on the network. I'd also like to (3) set up PiVPN (wireguard) to enjoy the PiHole benefits on mobile devices and outside the network. At this point I have (1) and (2) working, but (3) is fouling things up.

Hardware/software:

  • Raspbian OS 32bit
    - Raspberry Pi 4
  • RaspAP
  • PiVPN
  • PiHole
  • RT-AC3200 router

Actual Behaviour:

I can usually get (1) and (2) working together - after following this post - but whenever I go for (3) everything breaks down (if I can get that far before things start conflicting and breaking the internet).

I know that the issue of RaspAP and PiHole cohabitating has been discussed before - and I actually think that portion of the problem has been solved. I've read the threads (editor's note: as a new user, I had to delete three other links to other threads I followed here to keep all this under the 5 link limit), and the issue of dnsmasq conflicts seems to be solved if you install PiHole onto the bridged interface and do the steps listed in those threads.

My problems arise when I install PiVPN. By this point the Pi is handling DNS for the entire network, but when I install PiVPN suddenly the entire internet breaks down and I have to tell my router to add Cloudflare's 1.1.1.1 DNS server to the list, bypassing PiHole entirely. If I don't, internet on any other device on the network fails a DNS lookup.

Steps I've followed:

  1. Install RaspAP

[install script]
(without installing adblocking or openvpn support)
Set RaspAP in bridged AP mode.

  2. Install Pi-Hole to br0

[install script]
sudo touch /var/lib/misc/dnsmasq.leases
sudo chown pihole:pihole /var/lib/misc/dnsmasq.leases
reboot

  3. Configure PiHole post-installation and router. Everything is working perfectly as far as I can tell.

FYI Debug token at this point is:
https://tricorder.pi-hole.net/4b5o8ifmda

  4. Install PiVPN as a wireguard server to br0

[install script]
select [br0] as the interface
Tell it to use PiHole as the DNS lookup

And here's where everything breaks down

The internet immediately breaks; I have to tell my router to add Cloudflare's DNS before things start working again. PiHole looks to be running, but isn't blocking any ads because the network isn't being directed through it, but it still is getting an internet connection.

When I reboot the pi at this point internet is knocked out completely for the Pi (the rest of the network at this point is fine), but I've found that if I go into RaspAP and toggle the settings from a bridged AP to a wireless AP, restarting the hotspot, it reconnects to the network. At this point if I try to browse the web using the Raspbian browser it works, but very slowly. If I try to remove the Cloudflare DNS from the router and route things through the PiHole again, well, I can't. No internet for any other device, DNS failures I believe.

I should also add, at this point I can't figure out how to undo the damage the installation of PiVPN has wrought, except to reflash the SD card and start from scratch. Which I have done. Many times.

Debug Token:

Running pihole -d at this point produces this token:
https://tricorder.pi-hole.net/2gagmo64ud

I'm banging my head against the wall here. I've repeated this process a few times and it always fails in the same way. I'm so, so close to getting it sorted (well, actually, the next step after this is to get all of this playing nicely with Private Internet Access, but that's another issue altogether), but it's stumbling right before the finishing line. Thanks for any help you can give me, I hugely, hugely appreciate it.
