Pi-Hole + L2TP VPN on the same Pi

Firefox · October 1, 2018, 8:24pm

I have been trying to get my VPN server + Pi-Hole set-up work for over a week now and I'm having no luck at all. I used to have it set-up so that my older Pi 2B runs Pi-Hole and my Pi 3B+ runs the VPN server. However I recently re-purposed my 2B for something else and am now trying to get it both to work on the 3B+, in which I'm failing miserably.

My router does not have the ability to set a network wide DNS so I hand the DHCP off to Pi-Hole so I don't have to set it on each and every device. When I install Pi-Hole first, it works perfectly fine. If I then install the L2TP VPN server, the DHCP from Pi-Hole will suddenly stop handing out leases and the network stops working. Then when rebooting the Pi, it doesn't come back online until after I switch the DHCP on the router back on and reboot the pi once again.
The VPN server will work no matter what, I haven't had any problems with it so far.

I know the combination of Pi-Hole and a VPN can be done with PiVPN but I don't want to use a separate app or client to connect with my network when I'm on the go. L2TP works like a charm and out of the box on Android, iOS and Windows so I would really prefer to use it instead of OpenVPN. I use the VPN mainly to log into my network remotely, access my NAS and/or play games with friends on 'LAN' without having to use things like Hamachi. Being able to block ads through the VPN and preventing DNS leaks would be an added benefit but are not a necessity.

The L2TP set-up I'm using is this: Raspberry Pi L2TP VPN Setup Scripts.md · GitHub
Which utilizes Softether as the VPN server.

Does anyone have any experience in getting this both to work on 1 device?

RamSet · October 1, 2018, 8:43pm

I have a feeling it's failing because of this:

iface br0 inet dhcp
	bridge_ports eth0

See if this setup helps you:

You'd be able to setup a range of IPs that would get assigned to the connecting clients (and thus avoid breaking the DHCP server).

You'd have to set up the DHCP server range to be bellow the range for the VPN (2-200 on Pi-hole, 201 to 254 for the VPN ... or something like that).

Firefox · October 1, 2018, 9:18pm

Thanks a lot for the quick reply. I will give this a shot and let you know how it works out.

Firefox · October 1, 2018, 11:13pm

I can't seem to get that to work.
It takes a long time to try to connect and eventually times out.
I narrowed the problem down a little closer.
After running step1 and rebooting everything still works.
It is once I run step2 that the Pi refuses to come back online.

I also tried changing the /etc/network/interfaces file to:

iface br0 inet static
address 192.168.1.200
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers 127.0.0.1

No luck though

RamSet · October 1, 2018, 11:15pm

Did you try the steps in that article from scratch ?

Firefox · October 1, 2018, 11:41pm

I did, on a fresh install.
BUT! It flippin' works now!!!

The combination of changing the interfaces file as mentioned before and these steps made it so that it finally works. I had done the steps before but was not able to make it work. Changing the interfaces file must've done the trick. Thanks for pointing me in the right direction Ramset!

This also keeps the benefit of being able to use SoftEthers VPN Manager software which I quite like.

system · October 22, 2018, 11:42pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.