Hi all.
I have setup OpenVPN in my router (server) and Android phone (client)
When the phone connects, it gets the IP 10.8.0.2.
Then Pihole warns about "Ignoring query from non-local network warning message" which is expected.
I tried to figure out how to set that IP as an exception. Since pihole ignores queries from this IP, I cannot browse the net or access my local network using OpenVPN.
Appreciate your help.
I didn't try that since I understand that this is a very liberal setting. I was hoping to find a more strict policy to allow only for that IP address to go through rather than changing the entire policy.
Is it even possible?
With its default setting to Allow only local requests, Pi-hole will handle DNS requests for subnets associated to all of its host's network interfaces.
Your VPN client wouldn't match any of those interfaces subnet.
There are other ways to overcome this besides Pi-hole's Permit all origins, each with their own advantages and drawbacks, but they wouldn't involve Pi-hole, e.g. you could try to attach a VPN IP to one of your Pi-hole host's network interfaces, or you could NAT your VPN client's requests, so they would arrive from a source IP from a known subnet.
You would have to make an effort to reseach these options, along with their viabilty for your specific setup - or go with Pi-hole's Permit all origins.
If your Pi-hole is running in your home network, and your router running as OpenVPN server is properly firewalled (in particular, inbound port 53 and 80 are closed), the risk of involuntarily exposing Pi-hole via that option would be minimal.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.