PiHole & OpenVPN - No ad blocking w/ travel router

greaseit · March 12, 2018, 3:09am

Expected Behaviour:
PiHole should block ads on local network and for OpenVPN clients - including my OpenVPN travel router

Actual Behaviour:
Blocks ads locally, blocks ads when my devices connect to my Pi3's instance of OpenVPN (installed with PiVPN), but does not block ads when my devices connect to my home OpenVPN server through my travel router (an OpenVPN client itself - a Gl.Inet MT300N). The travel router connects fine to my VPN, and the devices have full access to my local network and the internet when connected through my travel router, but no ad blocking when set up that way. The only way I can get ad blocking through VPN is to disconnect my devices from my travel router and connect them to the VPN with their individual certificates.

jacob.salmela · March 14, 2018, 12:32am

Are you using DHCP with OpenVPN? You need to make sure you have a directive like this in /etc/openvpn/server.conf

push "dhcp-option DNS 192.168.2.123"

greaseit · March 14, 2018, 1:10am

I am. Here's what I've got:

#Set your primary domain name server address for clients
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option DNS 192.168.0.4"
#push "dhcp-option DNS 0.0.0.0"

I added the push "route..." following instructions on GitHub to get internet on devices connected to the VPN. I'm very green so it's not clear to me what DHCP and the route option are actually doing.

jacob.salmela · March 14, 2018, 1:13am

That directive tells DHCP clients connecting to the VPN to use that IP address for their DNS server, which is what you want--to force clients to use Pi-hole as their DNS server.

Try restarting OpenVPN and connecting a new client to see if it works.

Anudeep · March 14, 2018, 4:03am

Have you enabled this option in Pi-Hole?

greaseit · March 14, 2018, 9:38pm

On my home network now - logged the travel router in and am testing things before making any changes. Everything works when I'm at home so I'll have to go elsewhere to do some testing. May be a few days to get a definitive answer.

greaseit · March 14, 2018, 9:39pm

Anudeep,
It was set on "listen one on interface eth0".

Having not changed any settings everything is working with the travel router connected to my home network. I'll change it to "Listen on all interfaces" and find somewhere else to connect to in the next few days to test it.

greaseit · March 18, 2018, 2:11am

No dice. I set the Pi-Hole to listen on all interfaces, set up the router outside my home network, and still no ad blocking. The individual certificates still work with ad blocking. The connections through the travel router don't block them. I thought for sure that would do it.

system · April 8, 2018, 2:11am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.