Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
PiHole DNS Traffic blocked over VPN
« previous
next »
Print
Pages: [
1
]
Author
Topic: PiHole DNS Traffic blocked over VPN (Read 845 times)
smrus852
Newbie
Posts: 4
Karma: 0
PiHole DNS Traffic blocked over VPN
«
on:
March 27, 2024, 10:36:13 am »
Hi!
I have an issue I can't figure out when on my VPN network. The Problem is that I can't use my PiHole DNS Server While connected via VPN.
Here is the Setup:
- I have an OPNsense firewall
- I have configured a VPN server with all the certificates etc. needed and everything works.
- I have a home Server running TrueNas Scale where I installed piHole in a VM (Was not able to connect Hardware interface directly to get a LAN IP so I setup the VM instead).
- All DNS Services are running as Expected based on command line in that VM
> Also ran Updates and Flushed DNS on My MAcBook
- What I am trying to do:
> Connect to my Home Network from My MacBook > Possible (Able to access TrueNas, Firewall, Windows and PiHole VM via internal LAN IP)
> Use PiHole as my DNS Server remotely > Not Possible
- I use the "Viscosity" App for connecting my VPN
> I Tried setting the DNS in the Network settings of that VPN and Forcing all DNS Requests trough it, and ignoring DNS Settings from VPN Server
> I also tried Setting up the DNS Server directly in my MacBook Settings
- Result:
> If can always connect to my LAN devices directly
> I am able to lookup things on google. (Both in Safari and Brave Browser)
> I am never able to open anything else with a timeout being the result
> Checking my Firewall I can see that traffic from local LAN to VPN Subnet is being blocked - See Picture. (There are many more of these)
> The rule that Blocks traffic from 10.100.0.200 is an Automatically generated rule (See 2nd Picture)
Additional Info:
> 10.100.0.200: my NAS Server where the PiHole VM runs;
> 10.100.0.253: PiHole has IP set and active. I can Ping it from my Windows VM inside the LAN, I can ping from it to google / 8.8.8.8 > Connection is definitely active
> 10.100.0.254 > OPNSense Firewall
> 10.100.1.6 > VPN IP Address of my MacBook
> I have had no issues so far from using PiHole in my Windows VM > Everything works perfectly fine.
> Active Services:
>>ClamAV - both clamd service and freshclam service
>> Intrusion Detection
> WebProxy and Local Caching with 150.000 MB in size ( Service > WebProxy > Administration )
>> I almost assume that my google searches might work because of this when having the DNS on, but I just realised this while writing this.
What I already did:
> Remove that automatically generated rule > Google/OPNsense forum says that its not possible/intended
> Tried to figure out how Routes work and Set a static route > Was not able to understand how this works at all
> Before I had TrueNas Scale I used Proxmox and it worked perfectly.
> Spend some time trying to google and ChatGPT for answer but found nothing I really understood or knew how to do.
My conclusions is that whatever that automatically generated rule is it obviously triggers and blocks the traffic, but I don't know how to circumvent that.
Id appreciate some help this!
Logged
smrus852
Newbie
Posts: 4
Karma: 0
Re: PiHole DNS Traffic blocked over VPN
«
Reply #1 on:
March 27, 2024, 10:39:29 am »
Small Update/Edit to the above:
I turned off all noted Services and the issue still occurs with all of them off.
Logged
smrus852
Newbie
Posts: 4
Karma: 0
Re: PiHole DNS Traffic blocked over VPN
«
Reply #2 on:
March 27, 2024, 09:28:18 pm »
Now that I am able to be home, I can confirm that within the LAN (VPN Turned off) an manually setting the DNS Server in MacOS WiFi settings, the DNS Server also works as it does in the W10 VM.
Im not able to find a subnetting Sub-Forum so I hope Im still right in the VPN forum.
Logged
smrus852
Newbie
Posts: 4
Karma: 0
Re: PiHole DNS Traffic blocked over VPN
«
Reply #3 on:
April 09, 2024, 08:55:54 am »
I solved/circumvented the Problem: I figured out that it's much easier to use the built in "Unbound DNS" for what IM trying to achieve. Not quite as good - at least with the AdGuard Block list - but it works. It also has DoT Built in, so it worked out good.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
PiHole DNS Traffic blocked over VPN