Remotely access local pihole from phone

In the past I had router forwarding port 53 to my Server, but I ended up with a bunch of unwanted hosts querying it, specially for census.gov, so I had to remove the forward.

But now I'm researching a way to setup Android to use custom DNS server and would like to have it using my Server when I'm on 4g.

Is it possible to have my phone call home and block everybody else? I guess it must be set on router but I can't figure how to do it.

The solution you are looking for is a Virtual Private Network (VPN). I'd suggest having a look at PiVPN to get you started as it provides an easy to setup interface and control system for setting up Wireguard (this is your VPN software).

You would then need to generate a profile and get an App on your phone in order to remotely connect to your server; you will also need to open a port on your router (51820/udp is the default) so you can access it.

1 Like

Is it possible to setup Android to use VPN for DNS queries and not use it for everything else. I don't wanna use my ISP service for every network traffic, all I want is to use my pihole to resolve domains when I'm on 4g.

I am not sure on the advice for opening your PiHole up to the internet; or even if your ISP allows it. I believe the official stance is that you should do so under your own risk. This is what I would do;

  1. Register for DuckDNS (this allows a hostname to stay the same even if your ip address changed), pick a suitable subdomain and install it. There are plently of tutorials online.
  2. Open port 53 on your router, this should point to your PiHole
  3. Change your phone's DNS settings to use the hostname above example.duckdns.org
1 Like

I use https://www.zerotier.com/ when im outside my home, does not need any ports open.

1 Like

Yes. Set up a split tunnel - only the VPN traffic goes back to your Pi-hole and the data traffic stays on the network that your phone is using.

https://docs.pi-hole.net/guides/vpn/wireguard/overview/

https://docs.pi-hole.net/guides/vpn/openvpn/only-dns-via-vpn/

2 Likes

I had all that done, my router handles noip. But I had to close the forward because there were somebody flooding me with queries as I said.

I'll read about the suggestions, tnx a lot :smiley:

Yes, opening port 53 to the world is a really bad idea. (this is called an open resolver)

@hikari Note that the two links provided by @jfb show two different ways for setting this up. They are not compatible with each other. The first link sends you to using WireGuard. This is a lot faster and more modern than OpenVPN and, in general, a good choice (there is some personal opinion of me included here, of course).
When you set up Wireguard as per our guide, you will get exactly what you want

Only when following the two extra steps, you'd get the "all through ISP" solutions.

1 Like

Yes, I had read first page of WireGuard tutorial and it's what I want, I still need to learn what options I have for VPN client on Windows and Android.

Android: use the official one https://play.google.com/store/apps/details?id=com.wireguard.android, you can create the configuration on the server and transport it to the phone using a QR code. This is very convenient.
Windows: I have no experience with Windows but I guess there will be a ton of things. I see there is an official one, too listed on Installation - WireGuard

1 Like

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.