I’ve set up PiHole and OpenVPN several times on devices like Raspberry Pi and Odroid64. OpenVPN is usually the trickier part to get right. What I’ve found works best is to first install PiHole, then use PiVPN to set up OpenVPN. It is by far the easiest way to install OpenVPN. After you’ve installed it, however, you will need to make one modification:
Open /etc/openvpn/server.conf and add the following line (substitute the IP of your PiHole device):
push "dhcp-option DNS 172.16.0.75"
And then comment out (using #) every other push “dhcp-option” line.
This will force OpenVPN to use only PiHole as your DNS server.
If you want to create static entries for machines in your network (this is very helpful for Windows machines), modify /etc/hosts and add your entries there:
172.16.0.6 MyMachine
In order to make sure your hard-wired DNS entries respond appropriately both inside the network and via an OpenVPN connection, go to PiHole settings and, on the DNS tab, make sure that under Interface listening behavior you select the radio button listen on all interfaces and uncheck all entries on Advanced DNS Settings.
Now go to your router and change your DNS settings so that it points to only your PiHole server. Every client that connects from inside your network, or the OpenVPN tunnel, will now use PiHole for DNS queries, which allows you to use these DNS entries. Additionally, even your OpenVPN clients will now have the benefit of PiHole blocking ads.
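The server.conf change described in the post above, as an added example that is not part of the original post: it comments out every other push "dhcp-option" line and keeps exactly one line pointing at the PiHole address. The function names and the sample config are constructed for illustration, and the config is assumed to use the double-quoted push syntax shown in the post.

```shell
#!/bin/sh
# pin_pihole_dns <conf-file> <pihole-ip>
# Prints the rewritten config on stdout; the input file is not modified.
pin_pihole_dns() {
    conf=$1 pihole=$2
    awk -v want="push \"dhcp-option DNS $pihole\"" '
        # Normalise whitespace for matching only; the original line is printed.
        { line = $0; gsub(/^[ \t]+|[ \t]+$/, "", line); gsub(/[ \t]+/, " ", line) }
        line == want {
            # Keep the first PiHole line, comment out any duplicate.
            if (!seen) { print; seen = 1 } else { print "#" $0 }
            next
        }
        # Any other pushed dhcp-option (DNS, DOMAIN, ...) is commented out.
        line ~ /^push "dhcp-option / { print "#" $0; next }
        { print }
        # Add the PiHole line if the config did not already have it.
        END { if (!seen) print want }
    ' "$conf"
}

# count_active_pushes <conf-file>
# Number of uncommented push "dhcp-option" lines; should be 1 after the rewrite.
count_active_pushes() {
    grep -Ec '^[[:space:]]*push[[:space:]]+"dhcp-option ' "$1" || true
}

# Constructed sample resembling a generated server.conf (not from the post).
sample_conf() {
    cat <<'EOF'
dev tun
proto udp
port 1194
server 10.8.0.0 255.255.255.0
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "block-outside-dns"
push "redirect-gateway def1"
EOF
}

# Demo: rewrite the sample and show the result.
tmp=$(mktemp)
sample_conf > "$tmp"
pin_pihole_dns "$tmp" 172.16.0.75
rm -f "$tmp"
```

Review the output before replacing /etc/openvpn/server.conf with it; running the function on its own output changes nothing.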
Did you port-forward port 51820 to your RPI?
First make an instance VPN if that does not exist in your router, else adapt that instance:
Protocol UDP start port 51820, end port 51820
Then create a new item that points to your RPI IP.
Make it use the VPN instance you just created.
It's a 2 stage setup on most routers.
Let PiVPN be on IPv4 only on your router as well.
For troubleshooting, switch off iptables or UFW because it can obstruct.
I'm trying to install OpenVPN and PiHole on my Raspberry Pi 4. I have read a lot of tutorials but I never get it functioning well. I mean, after the installation step, I have my OpenVPN which works well on my Raspberry (I don't see my public IP address). On my Windows computer (after setting the DNS address) I can see my PiHole console, which works fine (ads are blocked!), but I see my public IP address.
Is there an explanation? Could someone tell me what I'm missing?
I reconfigured PiVPN and chose WireGuard. For the port forward part, should I fill in the public IP or the 192.168... address?
Also, my PiHole failed to work every time after PiVPN was installed. Here is the debug log for PiHole: https://tricorder.pi-hole.net/yUGdz6lW/
After restartdns, the PiHole part works well. Still, WireGuard does not work.
Here is the PiVPN debug log:
pi@raspberrypi:~ $ pivpn -d
::: Generating Debug Output
:::: PiVPN debug ::::
:::: Self check ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] WireGuard is running
:: [OK] WireGuard is enabled (it will automatically start on reboot)
:: [OK] WireGuard is listening on port 51820/udp
:::: WARNING: This script should have automatically masked sensitive ::::
:::: information, however, still make sure that PrivateKey, PublicKey ::::
:::: and PresharedKey are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this: ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe ::::
The 192
However, it will all be filled in automatically by the setup.
Just confirm the internal IP, external IP and suggested port.
On your router, forward the suggested UDP port from external to the 192 internal address.
Ask again if you cannot find it.
Often YouTube is a great resource.
Regards.