Whitelisted item blocked only while connected to home network via VPN, but not while actually on home network (wifi)

I reached out on Reddit, but no replies... so trying here. I cannot figure this out. I have whitelisted chtbl.com so that my podcasts can start working again, but it keeps getting blocked on my iPhone but ONLY while I'm connected to my home network via VPN (WireGuard). I do this, like many others, so that while I'm not connected to my home wifi, I can still get ads blocked. So I'm using WireGuard on my iPhone to connect to home network while I'm not home. When I'm home on my home wifi, the domain (chtbl.com) is being forwarded properly to my upstream DNS, like I expect it to because I've whitelisted this domain. But as soon as I leave my home wifi and connect to home via VPN, that domain gets blocked again.

Expected Behaviour:

I expect the domain to be forwarded properly since it's whitelisted, like it does when I'm actually connected to my home wifi.

Actual Behaviour:

The domain is being blocked when I VPN to my home network.

Debug Token:

This is what the pihole log sees when I'm using the VPN:

Apr 20 20:41:58 dnsmasq[24972]: query[A] chtbl.com from 10.6.0.2
Apr 20 20:41:58 dnsmasq[24972]: gravity blocked chtbl.com is 0.0.0.0

But when I do the same thing on my home wifi, I get this:

Apr 20 20:44:42 dnsmasq[24972]: query[A] chtbl.com from 192.168.2.3
Apr 20 20:44:42 dnsmasq[24972]: forwarded chtbl.com to 8.8.4.4
Apr 20 20:44:42 dnsmasq[24972]: reply chtbl.com is 13.225.148.87
Apr 20 20:44:42 dnsmasq[24972]: reply chtbl.com is 13.225.148.107
Apr 20 20:44:42 dnsmasq[24972]: reply chtbl.com is 13.225.148.115
Apr 20 20:44:42 dnsmasq[24972]: reply chtbl.com is 13.225.148.49

So it is being forwarded properly while on wifi, but when I'm connected using the VPN, it's blocked.

Please post the debug token if you'd like a support team member to look at your issue.

Link, please?

Sorry, here it is:
https://tricorder.pi-hole.net/nyvaqqergn
Not sure if the relevant info is in there. How do I tell?

https://www.reddit.com/r/pihole/comments/muckp5/whitelist_item_not_being_honored_on_iphone_only/

Well, great. Now it’s not working while I am on WiFi at the house either, lol. This is insane. The query log says the domain is being blocked, but the same domain is showing up in the whitelist. When I do “-q chtbl.com” it shows up in both the block and whitelist. Losing my mind over here.

You've defined three exact matches for ext.chtbl.com, web.chtbl.com and chtbl.com, all assigned to the default group exclusively. Furthermore, the default group seems to be disabled.

On the other hand, all of your clients are configured for either group id 2 or 1, so none of your defined clients would apply those.

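An added illustration of the answer above (not code from the thread or from Pi-hole itself): a constructed model of the group tables showing why whitelist entries assigned only to a disabled group reach no client. The table layout is modeled on Pi-hole's gravity database but trimmed to the columns needed here; the group names and which client sits in which group are assumptions.

```python
import sqlite3

# Simplified model of Pi-hole's group-management tables (assumption: only the
# columns needed here). All rows are constructed to mirror the thread.
SCHEMA = """
CREATE TABLE "group" (id INTEGER PRIMARY KEY, enabled INTEGER, name TEXT);
CREATE TABLE domainlist (id INTEGER PRIMARY KEY, type INTEGER, domain TEXT, enabled INTEGER);
CREATE TABLE domainlist_by_group (domainlist_id INTEGER, group_id INTEGER);
CREATE TABLE client (id INTEGER PRIMARY KEY, ip TEXT);
CREATE TABLE client_by_group (client_id INTEGER, group_id INTEGER);
INSERT INTO "group" VALUES (0, 0, 'Default'), (1, 1, 'group1'), (2, 1, 'group2');
INSERT INTO domainlist VALUES (1, 0, 'chtbl.com', 1), (2, 0, 'ext.chtbl.com', 1),
                              (3, 0, 'web.chtbl.com', 1);
INSERT INTO domainlist_by_group VALUES (1, 0), (2, 0), (3, 0);
INSERT INTO client VALUES (1, '10.6.0.2'), (2, '192.168.2.3');
INSERT INTO client_by_group VALUES (1, 1), (2, 2);
"""

# Exact whitelist entries (type 0) that reach a client through an enabled group.
EFFECTIVE = """
SELECT d.domain FROM domainlist d
JOIN domainlist_by_group dg ON dg.domainlist_id = d.id
JOIN "group" g ON g.id = dg.group_id
JOIN client_by_group cg ON cg.group_id = g.id
JOIN client c ON c.id = cg.client_id
WHERE d.type = 0 AND d.enabled = 1 AND g.enabled = 1 AND c.ip = ?
ORDER BY d.domain
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def effective_whitelist(db, client_ip):
    return [row[0] for row in db.execute(EFFECTIVE, (client_ip,))]

def assign(db, domain, group_id):
    """Assign an existing domain entry to an additional group."""
    db.execute("INSERT INTO domainlist_by_group "
               "SELECT id, ? FROM domainlist WHERE domain = ?", (group_id, domain))

if __name__ == "__main__":
    db = build_db()
    print("before:", {ip: effective_whitelist(db, ip) for ip in ("10.6.0.2", "192.168.2.3")})
    assign(db, "chtbl.com", 1)
    assign(db, "chtbl.com", 2)
    print("after: ", {ip: effective_whitelist(db, ip) for ip in ("10.6.0.2", "192.168.2.3")})
```

Before the extra assignments both clients get an empty effective whitelist, even though the entries exist and are enabled; afterwards each client's group carries chtbl.com.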

I don't understand. When I look at my whitelist, there are no defined groups for whitelists. Are you telling me that I'm supposed to be able to set groups for my whitelist also, not just block lists? Because I'm not seeing it.

Oh, I see it now. It's under "domains" and not just whitelist. Well, that's confusing.
