How to easily use your Pi-Hole outside of your personal network

Thanks a lot for that. This is exactly what I was looking for. With my ISP's CGN this is the only working guide, and it is way faster than other VPN methods.

Btw, did you find a way to connect to other devices on the LAN without ZeroTier installed?

The issue I am facing:
I installed Pi-hole on my Raspberry Pi successfully and configured the DNS servers to use my RPi to route all traffic through the Pi-hole.
Details about my system:
I followed this post: ZeroTier
to connect the ZeroTier network to Pi-hole with the mentioned routing rules. Routing through the ZeroTier network works, but the problem is that routing without being connected to ZeroTier (only through eth0) does NOT work anymore, and no ad blocking is done when connected without ZeroTier. This previously worked well when connected to my LAN through eth0 or wlan0.
Q: How can I add/change the routing rules so that Pi-hole blocking works both when routing traffic through the ZeroTier tunnel AND through eth0 when NOT connected to the ZeroTier network?
What I have changed since installing Pi-hole:

PHY_IFACE=eth0; ZT_IFACE=ztly547uhs

sudo iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE
sudo iptables -A FORWARD -i $PHY_IFACE -o $ZT_IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT

Including these rules enables connection from the ZeroTier network to my LAN, but breaks the direct eth0/wlan0 ad blocking, which was working previously?
Kind regards, Peter
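
The three rules above, checked offline (an added example, not part of Peter's post or the guide): the script reads `iptables-save` text and reports how widely the ZeroTier-to-LAN forwarding and the MASQUERADE rule apply. The finding names and the sample ruleset are constructed; the interface names are the ones from the post.

```shell
#!/bin/sh
# Added example: audit iptables-save text for the ZeroTier-to-LAN rules.
# Interface names come from the post; finding names and sample are constructed.

# Usage: audit_rules ZT_IFACE PHY_IFACE   (iptables-save text on stdin)
# Prints one finding per line:
#   MASQ_ALL      MASQUERADE on the LAN interface is not limited by -s
#   OPEN_FORWARD  ZT -> LAN forwarding is accepted with no -s/-d restriction
#   NO_RETURN     no RELATED,ESTABLISHED rule lets LAN -> ZT replies back
audit_rules() {
    awk -v zt="$1" -v phy="$2" '
    function has(flag, val,   i) {
        for (i = 1; i < NF; i++) if ($i == flag && $(i+1) == val) return 1
        return 0
    }
    function hasflag(flag,   i) {
        for (i = 1; i <= NF; i++) if ($i == flag) return 1
        return 0
    }
    $1 == "-A" && $2 == "FORWARD" && has("-j", "ACCEPT") {
        if (has("-i", zt) && has("-o", phy) && !hasflag("-s") && !hasflag("-d"))
            print "OPEN_FORWARD"
        if (has("-i", phy) && has("-o", zt) && $0 ~ /RELATED,ESTABLISHED|ESTABLISHED,RELATED/)
            ret = 1
    }
    $1 == "-A" && $2 == "POSTROUTING" && has("-j", "MASQUERADE") {
        if (has("-o", phy) && !hasflag("-s")) print "MASQ_ALL"
    }
    END { if (!ret) print "NO_RETURN" }
    '
}

# Constructed sample: iptables-save text as it would look after the three commands.
sample_rules() {
cat <<'EOF'
*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A FORWARD -i eth0 -o ztly547uhs -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ztly547uhs -o eth0 -j ACCEPT
COMMIT
EOF
}

sample_rules | audit_rules ztly547uhs eth0   # prints MASQ_ALL, then OPEN_FORWARD
# On a live system (needs root): sudo iptables-save | audit_rules ztly547uhs eth0
```

`OPEN_FORWARD` means every member of the ZeroTier network can reach every host behind eth0; adding `-d` with the addresses that actually need to be reachable narrows that.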

Is there any way to use this on Docker? My Pi-hole runs on Docker because I am running Manjaro, and Docker is the only way to get it running. I only have 1 laptop, so using another device to host Pi-hole is not an option for me.

neofetch

██████████████████  ████████   soumi@Hori 
██████████████████  ████████   ---------- 
██████████████████  ████████   OS: Manjaro Linux x86_64 
██████████████████  ████████   Host: Aspire A514-53 V1.16 
████████            ████████   Kernel: 5.15.7-1-MANJARO 
████████  ████████  ████████   Uptime: 3 hours, 15 mins 
████████  ████████  ████████   Packages: 1375 (pacman), 11 (flatpak) 
████████  ████████  ████████   Shell: zsh 5.8 
████████  ████████  ████████   Resolution: 1280x720, 1280x720 
████████  ████████  ████████   DE: Plasma 5.23.4 
████████  ████████  ████████   WM: KWin 
████████  ████████  ████████   Theme: Breath2 2021 Light [Plasma], Breeze [GTK2 
████████  ████████  ████████   Icons: [Plasma], breeze [GTK2/3] 
████████  ████████  ████████   Terminal: terminator 
                               CPU: Intel i3-1005G1 (4) @ 3.400GHz 
                               GPU: Intel Iris Plus Graphics G1 
                               Memory: 5781MiB / 7626MiB

The only issue I had with this tutorial is the IP address assignment for the Pi-hole. It should not be 192.168.192.1

It's the gateway address of the network. I changed it to 192.168.192.10, and with all devices pointing to that IP it works.

Thanks for posting this lovely guide, I accomplished it mostly the same way.

Just some additions to your guide for 2022:

  1. You only seem to get a total of 2 Managed IPs (at least I got just 2), but it still works properly, so don't wait for a 3rd one.
  2. In the ZeroTier One app (Android), you have to go to Settings and check "Use Cellular data" to connect over the mobile internet.

Best Regards

The "Listen on All Interfaces" does not show on my PiHole Settings.

Should one of these be selected?

When the above articles were written it was worded as Listen on all interfaces, permit all origins. Now it's worded as Permit all origins.

Thank you. That worked, but I ran into another issue. Pi-hole is filtering as expected on cellular connections, but now any app I have that needs to communicate with devices inside my home network (like Ring) isn't working. Any ideas?

For Windows machines in different networks this doesn't work. I have a computer in another place and set up the ZeroTier IP as preferred and the local IP (because sometimes I bring the machine here) as alternative, but it doesn't work. I mean, I can ping the ZT IP but everything else doesn't work: Firefox doesn't have Internet, RustDesk can't connect, and so on.

Has anyone had any luck in setups like this?