Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Documentation and Translation
(Moderator:
fabian
) »
AdGuard Home setup guide
« previous
next »
Print
Pages:
1
[
2
]
3
4
...
23
Author
Topic: AdGuard Home setup guide (Read 351926 times)
N0_Klu3
Jr. Member
Posts: 93
Karma: 2
Re: AdGuard Home setup guide
«
Reply #15 on:
March 28, 2021, 10:21:02 am »
Yeah, and I find it works much quicker especially vs PiHole or external DNS
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #16 on:
April 04, 2021, 08:16:42 pm »
Opnsense 21.1.4 Installation:
1 - Activate mimugmail's community repository
2 - Install AdGuardHome from System --> Firmware --> Plugins
3 - Activate and start AdGuardHome from Services --> AdGuardHome
4 - Navigate to
http://your.opnsense:3000/
to complete the setup
5 - In Adguard Home - DNS Configuration - Upstream Servers: Set the desired servers ( 1.1.1.1, 8.8.8.8 etc )
6 - In Opnsense disable Unbound. In case you want to use it leave it activated by changing the port to 5353 and in Adguard Home - DNS Configuration - Upstream Servers add router_ip:5353
- It is not necessary to activate the internal opnsense dns ( 127.0.0.1 ) in Opnsense in System-Settings-General
- No need to make port forward rules to forward all DNS (Port 53) traffic to AdGuard
- No need to set dns servers to DHCP
DNS over HTTPS - DNS over TLS:
Option 1:
- In Opnsense - Unbound - Miscellaneous set the desired dns servers 1.1.1.1@853 8.8.8.8@853
- Active Unbound in port 5353
- In Adguard Home - DNS Configuration - Upstream Servers add router_ip:5353
Option 2 ( Unbound disabled ):
https://github.com/AdguardTeam/AdGuardHome/wiki/Encryption
«
Last Edit: April 04, 2021, 08:50:56 pm by yeraycito
»
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #17 on:
April 04, 2021, 10:34:51 pm »
Recommended DNS blocklists: 1Hosts (Pro) - Goodbye Ads - Energized Ultimate - Lightswitch05 - Steven Black - oisd
Installation in Adguard: Filters - DNS blocklist - Add blocking list - Add custom list
-
https://hosts.netlify.app/Pro/adblock.txt
-
https://raw.githubusercontent.com/jerryn70/GoodbyeAds/master/Hosts/GoodbyeAds.txt
-
https://block.energized.pro/ultimate/formats/hosts.txt
-
https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
-
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
-
https://hosts.oisd.nl/
Extra. in Adguard: Filters - DNS blocklist - Add blocking list - Choose from the list:
- Perflyst's Smart-TV Blocklist
«
Last Edit: April 04, 2021, 10:36:59 pm by yeraycito
»
Logged
Patrick M. Hausen
Hero Member
Posts: 6797
Karma: 571
Re: AdGuard Home setup guide
«
Reply #18 on:
April 04, 2021, 10:56:14 pm »
@yeraycito thanks for those lists. Which criteria did you apply when picking them?
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #19 on:
April 04, 2021, 11:48:34 pm »
Unlike the ones Adguard comes with, these are much more complete. Each of them includes many other lists. They are the most complete I have found. If you put these in, you don't need any more.
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #20 on:
April 05, 2021, 01:11:31 am »
Many of the lists I have posted block most of Google's telemetry and spying but not all of it. More can be done.
Adguard - Filters - Custom filtering rules - add:
||dnsotls-ds.metric.gstatic.com^
||encrypted-tbn0.gstatic.com^
||encrypted-tbn2.gstatic.com^
||mtalk.google.com^
||metric.gstatic.com^
||chart.apis.google.com^
||cse.google.com^
||encrypted-tbn1.gstatic.com^
||www.gstatic.com^
||fonts.gstatic.com^
||ogs.google.com^
||ssl.gstatic.com^
||aa.google.com^
||encrypted-tbn3.gstatic.com^
||pki-goog.l.google.com^
||signaler-pa.clients6.google.com^
||addons-pa.clients6.google.com^
||apis.google.com^
||0.client-channel.google.com^
||clients2.google.com^
Result after applying the rules:
- Google searches: OK
- Gmail: OK
- Youtube: OK
- Instagram: OK
- Android: OK
- Playstore: OK
«
Last Edit: April 05, 2021, 02:15:14 am by yeraycito
»
Logged
Jaxon
Newbie
Posts: 7
Karma: 0
Re: AdGuard Home setup guide
«
Reply #21 on:
April 12, 2021, 10:59:42 pm »
@yeraycito
Just a shout out to say thanks for your contributions to this thread. I found them very useful, and have Unbound / AdGuard working well together. Ads are gone, DNS lookups are resolving quickly. Your suggested blocklists are awesome!
That said, I'm still a little (embarrassingly) confused about something. That is, getting the LAN reverse lookups to function. Below I'll show one setup where the reverse looks actually do resolve, but upstream DNS resolver ends up being one of my two ISPS, and a second where upstream resolver is cloudflare, but then the reverse lookups stop working.
I have the following OPNSense Configuration:
Dual WAN, two gateway setup (might not be relevant to the discussion)
System/Settings/General:
- DNS Servers: all empty
Services/Unbound DNS/General:
- port: 5353
- DNSSEC: enabled
- DHCP Registration: enabled
- DHCP Static Mappings: enabled
- Local Zone Type: transparent
AdGuard Settings:
1) With this setup, reverse look ups function. That is, inside AdGuards Top Clients, I can see host names are resolving. However, upstream DNS server is my ISPs DNS server.
Adguard/DNS Settings:
127.0.0.1:5353
Bootstrap DNS servers:
127.0.0.1:5353
9.9.9.10
149.112.112.10
2620:fe::10
2620:fe::fe:10
2) Now, if I change the following, I get the reverse behaviour. Inside AdGuards Top Clients, I can see only IPs (no host names), but upstream DNS is now showing up as 108.162.218.241 (Cloudflare).
Adguard/DNS Settings:
127.0.0.1:5353
1.1.1.1
1.0.0.1
I've also experiments with a few things to no avail, like:
[/168.192.in-addr.arpa/]127.0.0.1:5353
[/168.192.in-addr.arpa/]127.0.0.1
[/168.192.in-addr.arpa/]192.168.0.1:5353
[/168.192.in-addr.arpa/]192.168.0.1
Do you have any suggestions what I might be doing wrong?
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #22 on:
April 13, 2021, 07:36:06 pm »
Hello, for the dns not to be those of your isp you have to put one in unbound. To resolve the hostnames you can add them better in the Adguard configuration.
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #23 on:
April 13, 2021, 07:38:09 pm »
My settings:
System/Settings/General:
- DNS Servers: all empty
- Do not use the local DNS service as a nameserver for this system: cheked
Services/Unbound DNS/General:
- port: 5353
- DNSSEC: enabled
- DHCP Registration: disabled
- DHCP Static Mappings: disabled
- Local Zone Type: transparent
Unbound DNS - Miscellaneous - DNS over TLS Servers: 1.1.1.1@853 1.0.0.1@853
In Adguard Home - DNS Configuration - Upstream Servers: 192.168.1.1:5353
In Adguard Home - DNS Configuration - Bootstrap DNS servers: 192.168.1.1:5353
In Adguard Home - configuration - clients configuration - add client: Add ip and hostname
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #24 on:
April 13, 2021, 08:50:53 pm »
A good complement is also to use NextDns dns servers.
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #25 on:
April 13, 2021, 08:51:30 pm »
They are just as fast as Cloudflare's but add more protection and the ability to add blocklists.
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 17
Re: AdGuard Home setup guide
«
Reply #26 on:
April 13, 2021, 09:04:18 pm »
Installation;
Let's go to
https://nextdns.io/
and register for free. Once registered you are given a personalised ID and dns.
Opnsense instalation:
- Follow the tutorial explained above for Adguard.
- Unbound - General - Custom Options: add ( XXXXXX is a custom ID in NextDns )
server:
tls-cert-bundle: "/etc/ssl/cert.pem"
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 45.90.28.0#XXXXXX.dns1.nextdns.io
forward-addr: 2a07:a8c0::#XXXXXX.dns1.nextdns.io
forward-addr: 45.90.30.0#XXXXXX.dns2.nextdns.io
forward-addr: 2a07:a8c1::#XXXXSS.dns2.nextdns.io
Logged
Dimi3
Jr. Member
Posts: 51
Karma: 2
Re: AdGuard Home setup guide
«
Reply #27 on:
April 19, 2021, 06:44:56 pm »
I installed adguard plugin...everything seems to be working ok...only under plugins the adguard is marked as miss-configured ? Why is that?
Logged
wirehire
Full Member
Posts: 148
Karma: 5
Re: AdGuard Home setup guide
«
Reply #28 on:
April 20, 2021, 12:38:45 pm »
hello,
where can i found the logfile? on /var/log i found no adguard file.
Thanks
Logged
Spritzup
Newbie
Posts: 5
Karma: 0
Re: AdGuard Home setup guide
«
Reply #29 on:
April 20, 2021, 03:54:49 pm »
Transfer from PiHole (running on a Pi) to AdGuard on OPNSense went flawlessly. By using a virtual IP for AdGuard, I didn't even need to change any of my preconfigured rules, which was nice. I had allocated myself a few hours to get this done, and it ended up taking less than 15 minutes
Question though. One of the "optimizations" that is sometimes recommended when using PiHole in conjunction with Unbound is to disable DNS caching on the pi-hole, so that all DNS lookup is handled by Unbound. Would this provide any benefit with AdGuard?
Thanks!
EDIT - So an oddity. Using a virtual IP, it showed no port conflicts using Port 80 or Port 53, and everything worked great a day. Today I decided to tweak some unbound settings and had to restart the service... and it wouldn't start due to a port conflict. Any ideas?
~Spritz
«
Last Edit: April 20, 2021, 08:15:13 pm by Spritzup
»
Logged
Print
Pages:
1
[
2
]
3
4
...
23
« previous
next »
OPNsense Forum
»
English Forums
»
Documentation and Translation
(Moderator:
fabian
) »
AdGuard Home setup guide