WireGuard on Win11 Traffic Issues

There are entries in my Pi-hole log that lead me to believe that my WireGuard connection from my laptop (Gecko) is not working properly.

My network configuration is as follows:

I have a FritzBox to which a Raspberry Pi is connected via Ethernet. Several services are running on this Raspberry Pi: Pi-hole, Unbound and WireGuard.

I have set up the WireGuard server correctly so that the VPN connection to my laptop, on which Windows 11 is installed, and my cell phone works - both internally, locally in the network (NAT pinning) and from outside (DynDNS).

Once the VPN connection between my laptop and the WireGuard server is established, I assume that all traffic between the laptop and the WireGuard server is routed through the VPN tunnel. However, it is not, as the logs from Pi-hole show; in this example, I am accessing the test.de site:

"May  4 23:06:54: query[A] test.de from 192.168.178.23
May  4 23:06:54: forwarded test.de to 127.0.0.1#5335
May  4 23:06:54: query[A] test.de from 10.100.0.3
May  4 23:06:54: reply test.de is 128.65.209.28
May  4 23:06:54: query[A] test.de from 192.168.178.23
May  4 23:06:54: cached test.de is 128.65.209.28
May  4 23:06:54: query[A] test.de from 10.100.0.3
May  4 23:06:54: cached test.de is 128.65.209.28
May  4 23:06:54: query[AAAA] test.de from 192.168.178.23
May  4 23:06:54: forwarded test.de to 127.0.0.1#5335
May  4 23:06:54: query[AAAA] test.de from 10.100.0.3
May  4 23:06:54: reply test.de is NODATA-IPv6
May  4 23:06:54: query[A] www.test.de from 192.168.178.23
May  4 23:06:54: forwarded www.test.de to 127.0.0.1#5335
May  4 23:06:54: query[A] www.test.de from 10.100.0.3
May  4 23:06:54: reply www.test.de is 128.65.209.28
May  4 23:06:54: query[A] www.test.de from 192.168.178.23
May  4 23:06:54: cached www.test.de is 128.65.209.28
May  4 23:06:54: query[A] www.test.de from 10.100.0.3
May  4 23:06:54: cached www.test.de is 128.65.209.28
May  4 23:06:54: query[AAAA] www.test.de from 192.168.178.23
May  4 23:06:54: forwarded www.test.de to 127.0.0.1#5335
May  4 23:06:54: query[AAAA] www.test.de from 10.100.0.3
May  4 23:06:54: query[A] cdn.test.de from 192.168.178.23
May  4 23:06:54: forwarded cdn.test.de to 127.0.0.1#5335
May  4 23:06:54: query[A] cdn.test.de from 10.100.0.3"

You can see that the requests come from two interfaces: once from the IP (192.168.178.23) assigned to my laptop by the FritzBox, and once from the IP (10.100.0.3) assigned to the laptop by the WireGuard server.

This contradicts my expectations. After the VPN connection has been successfully established, shouldn't the data traffic only be routed via the IP 10.100.0.3?

If I do the same test with my Android phone, the Pi-hole log looks like this:


May  4 23:11:41: query[A] test.de from 10.100.0.2
May  4 23:11:41: cached test.de is 128.65.209.28
May  4 23:11:41: query[A] www.test.de from 10.100.0.2
May  4 23:11:41: cached www.test.de is 128.65.209.28
May  4 23:11:42: query[A] cdn.test.de from 10.100.0.2
May  4 23:11:42: cached cdn.test.de is <CNAME>
May  4 23:11:42: cached swliveweb.azureedge.net is <CNAME>
May  4 23:11:42: cached swliveweb.afd.azureedge.net is <CNAME>
May  4 23:11:42: cached azureedge-t-prod.trafficmanager.net is <CNAME>
May  4 23:11:42: cached shed.dual-low.part-0017.t-0009.t-msedge.net is <CNAME>
May  4 23:11:42: cached part-0017.t-0009.t-msedge.net is 13.107.246.45
May  4 23:11:42: cached part-0017.t-0009.t-msedge.net is 13.107.213.45
May  4 23:11:42: query[A] experience-eu.piano.io from 10.100.0.2
May  4 23:11:42: cached experience-eu.piano.io is 104.16.144.111
May  4 23:11:42: cached experience-eu.piano.io is 104.16.143.111
May  4 23:11:42: query[A] cdn-eu.piano.io from 10.100.0.2
May  4 23:11:42: cached cdn-eu.piano.io is 104.16.143.111
May  4 23:11:42: cached cdn-eu.piano.io is 104.16.144.111
May  4 23:11:43: query[A] c2-eu.piano.io from 10.100.0.2
May  4 23:11:43: cached c2-eu.piano.io is 104.16.144.111
May  4 23:11:43: cached c2-eu.piano.io is 104.16.143.111
May  4 23:11:46: query[A] buy-eu.piano.io from 10.100.0.2
May  4 23:11:46: cached buy-eu.piano.io is 104.16.143.111
May  4 23:11:46: cached buy-eu.piano.io is 104.16.144.111

Although I am connected with the cell phone locally in my WLAN network, like my laptop, no query from the IP that my FritzBox has assigned to my cell phone appears in the log; the query is only resolved within the VPN tunnel.

Possible solutions:

Since the kill switch of the WireGuard client does not seem to work properly, I have to configure Windows 11 so that all traffic is routed through the VPN tunnel (10.100.0.3).

I would greatly appreciate any assistance in understanding and resolving this issue with my WireGuard setup on Windows 11.
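The comparison made by eye in the two log excerpts above can be run over a whole Pi-hole log. This is an added example, not part of the original post: it flags every query that arrives from a LAN address in the same second as the identical query from a tunnel address. The /24 prefix lengths, the function names and the sample lines are assumptions constructed from the addresses shown in the post.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed prefixes, inferred from the addresses in the post (the /24 masks are a guess).
TUNNEL_NET = ipaddress.ip_network("10.100.0.0/24")
LAN_NET = ipaddress.ip_network("192.168.178.0/24")

# Matches query lines in the shape shown in the post; a "dnsmasq[pid]:" tag is tolerated.
QUERY_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8}):?\s+(?:dnsmasq\[\d+\]:\s+)?"
    r"query\[(?P<qtype>\w+)\]\s+(?P<name>\S+)\s+from\s+(?P<src>\S+)"
)

def classify(src):
    """Return 'tunnel', 'lan' or 'other' for a client address."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "other"
    return "tunnel" if addr in TUNNEL_NET else "lan" if addr in LAN_NET else "other"

def find_leaks(lines):
    """Return sorted (timestamp, qtype, name, lan_ip) tuples for queries seen from a
    LAN address in the same second as the same query from a tunnel address."""
    seen = defaultdict(lambda: {"tunnel": set(), "lan": set()})
    for line in lines:
        m = QUERY_RE.match(line.strip().strip('"'))
        if not m:
            continue  # forwarded/reply/cached lines carry no client address
        kind = classify(m["src"])
        if kind != "other":
            seen[(m["ts"], m["qtype"], m["name"])][kind].add(m["src"])
    leaks = []
    for (ts, qtype, name), srcs in seen.items():
        if srcs["tunnel"]:
            leaks.extend((ts, qtype, name, ip) for ip in srcs["lan"])
    return sorted(leaks)

# Constructed sample in the format of the excerpts above.
SAMPLE = """\
May  4 23:06:54: query[A] test.de from 192.168.178.23
May  4 23:06:54: forwarded test.de to 127.0.0.1#5335
May  4 23:06:54: query[A] test.de from 10.100.0.3
May  4 23:11:41: query[A] test.de from 10.100.0.2
May  4 23:11:41: cached test.de is 128.65.209.28
""".splitlines()
```

An empty result from `find_leaks` over a capture taken while the tunnel is up means no duplicate query reached Pi-hole over the LAN interface during that capture.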
