Pihole doesn't work with wireguard

Hi, I have two Raspberry Pis. One is running pihole and the other one is running a wireguard VPN server. Both were set up using bash scripts that have an installer, so pivpn and the normal pihole installer.

Both Pis have a static IP and both services work individually. As in, I can lease DHCP to normal devices on the network and ads are blocked system wide. However, since the Pi that runs the VPN server has a static IP, I have added it to the static DHCP leases from the admin portal. I also made it so pihole listens on all interfaces to fix the VPN not being able to use it.

The issue is that when I connect to my home network through wireguard I cannot use pihole. Ads aren't blocked. If I instead just connect to my WiFi it works fine. How can I integrate pihole into wireguard connections as well, so that when I use the VPN outside my ads are blocked too? Thanks.

You may be missing suitable routes in your wireguard configuration to be able to reach devices in your network from outside through the Wireguard tunnel. Or you may be missing IP forwarding.

Check out the official Pi-hole Wireguard documentation draft. It would be nice if you could share your thoughts and suggestions for improvements. I wrote this entirely from memory; I have yet to verify that everything is indeed working as written there.

Hi, I set up wireguard using the pivpn installer, so I'm not sure which configuration I have to change to route it to the pihole server. Just for the record, I can access my devices from outside using wireguard. It fully works; the only issue is that it doesn't use pihole, so no ads are blocked, but apart from that it works. I forwarded IP to achieve the outside connection.

Can you also visit the Pi-hole dashboard through the tunnel? Using the IP of your Pi-hole.

Yes I can

Then everything is already set up correctly, you will just have to tell your clients to use the Pi-hole as DNS server. Note that your DHCP server telling the devices inside the network has no influence on your Wireguard clients. You have to configure them explicitly to use the Pi-hole as DNS server.

To use a peer as a DNS server, set DNS = 1.2.3.4 in the [Interface] section (replace 1.2.3.4 by the IP of your Pi-hole) of every client. Another way to do this is to configure this in /etc/resolv.conf.
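The client-side DNS setting described in the reply above, as an added example that is not part of the thread: a small check that reports whether a WireGuard client config points its [Interface] DNS at the Pi-hole. The function name `wg_dns_check`, the file names, and the addresses (192.168.1.10 for the Pi-hole, 10.6.0.x for the tunnel) are assumptions made for illustration; the sample configs are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): check whether a WireGuard client
# config tells the client to use the Pi-hole as its DNS server.
# Usage: wg_dns_check FILE PIHOLE_IP  -> prints ok | missing | other:<value>
wg_dns_check() {
    awk -v want="$2" '
        { sub(/#.*/, "") }                      # drop comments
        # Remember which section we are in (matched case-insensitively here).
        /^[ \t]*\[/ { sec = tolower($0); gsub(/[^a-z]/, "", sec); next }
        # Only a DNS line inside [Interface] counts; one under [Peer] does not.
        sec == "interface" && tolower($0) ~ /^[ \t]*dns[ \t]*=/ {
            val = $0
            sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            seen = 1
            all = (all == "" ? val : all "," val)
            n = split(val, parts, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) if (parts[i] == want) found = 1
        }
        END { if (found) print "ok"; else if (seen) print "other:" all; else print "missing" }
    ' "$1"
}

# Constructed sample configs; keys and endpoint are placeholders.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/phone.conf" <<'EOF'
[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.2/24
DNS = 192.168.1.10

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = 0.0.0.0/0
EOF
cat > "$SAMPLES/laptop.conf" <<'EOF'
[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.3/24
DNS = 9.9.9.9   # public resolver, queries never reach the Pi-hole

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = 0.0.0.0/0
EOF

for f in "$SAMPLES"/*.conf; do
    printf '%s: %s\n' "${f##*/}" "$(wg_dns_check "$f" 192.168.1.10)"
done
```

A result of `missing` or `other:` means that client resolves names somewhere other than the Pi-hole while the tunnel is up, which matches the symptom in the original question.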

Thanks. Adding the Pi address to resolv.conf caused me to not be able to SSH to the Pi anymore. Am I supposed to delete all entries?

Setting the client settings worked, thanks :slightly_smiling_face:

Could you tell us what you set exactly where? This will help us make our official guide more user-friendly. Have you checked it out? Would you have suggestions about how things could get improved?

Setting up a Wireguard VPN is really straightforward and I'd rather have users do it themselves than run a pivpn script. The latter is/was known to have caused some issues in the past - it is just an additional gear-wheel that should be avoided IMO. There is nothing wrong about you having used it; however, we try to explain things from first principles to ensure there is a certain learning effect involved. This will only help you to be able to help yourself if something breaks later (because you already know where each config file is, what is in them and why, how to generate a key, etc.)

I just added the IP of the Pi that is running pi-hole to the wireguard DNS settings, which are located under Interface. I haven't checked the guide because I didn't have to. Pivpn is straightforward and good enough for me. In this case pivpn hasn't caused any issues; it was just a basic addition I had to make to the wireguard settings to push the traffic to pihole. I understand that reasoning, but honestly, for users like me who don't want to or cannot spend a lot of time reading pages of guides, pivpn is very convenient. I can see that if something breaks you don't really know what it is exactly, but as I said, there isn't any indication in this case that it caused issues or was bad. I just had to add a basic DNS server to my wireguard settings to achieve what I wanted; apart from that, pihole worked perfectly on its own since the beginning.

DL6ER wasn't trying to make you read our guide, he was hoping you could provide us with your exact modifications.

If we knew those modifications, we could decide whether it would be a good thing to include them in our guide.

So if you could quote the name of the file or files you were altering, along with the config lines you added to get it going, that would be really appreciated. :wink:

I understand. I just changed the DNS server in the wireguard client, that's it. I don't think there is anything you need to do on your end.
