Unbound DNS through WireGuard VPN

Started by FredFresh, October 24, 2024, 06:42:16 PM


Today I will try again to set an outgoing rule from WAN to redirect the DNS queries towards the VPN gateway.
It seems that the query is properly redirected but I do not understand what is missing... Should I create a NAT rule as done for the internal LAN towards the VPN gateway?

@dseven thank you!
I had to change something but finally I was able to route everything (in this case only the Unbound DNS was missing) through the VPN gateways.
To do so I had to set the VPN gateway as default gateway, but two flags are involved:
- system-configuration-VPN gateway- flag on "Upstream Gateway" (and set a priority number lower than WAN gateway)
- system-settings-general- flag on "Gateway switching"

This way the VPN gateways become eligible as default gateway and everything is routed through that.

From the previous configuration:
- kept the NAT rules for the VPN Gateways;
- removed the gateway group used to manage the multi-wan (now directly managed in the main gateway page);
- updated the internal subnets firewall PASS rules to the default gateway.

Please, if you think of any error/suggestion, let me know.

Thanks FredFresh, this helped me very much.

I'd add for other people researching this, under Services > Unbound DNS > General > [select advanced], under "Outgoing Network Interfaces" deselect all interfaces so that "All (recommended)" shows up and Unbound then will allow the operating system to select what interface to use, and so traffic will go out the default gateway.