AdGuard Home setup guide

[Flyinace2000]

My ISP provides IPv6 addresses.  When I enable that on OPNSense it also directs DNS via IPv6.  Is there a good guide to follow to explain how to use IPv6 in a home environment and still use PIHole/Adguard for filtering?  For now I just disabled IPv6.

[mkono87]

Perhaps Im missing a step. If I dont have an ip listed in Settings/General in the DNS servers list. I dont have internet. I have to put 8.8.8.8 which I believe is defeating the purpose. I dont see any entries in adguard for my desktop for example. If i leave it blank I have no internet on it.

I have first changed unbound to 5353 but I have also disabled it. What could I be missing?

[Lxndr]

Hi all,

I've just migrated my firewall from the ubiquiti unifi udm pro to opnsense, I've been reading the forum for several months now and following my migration I'm quite curious on how to go about implementing NextDNS in addition to my Adguard/Unbound setup, so after following Yeracito's guide on how to use Adguard home standalone with Unbound in Opnsense I want to follow yet again another Yeracito's set of instructions but I believe that there were some changes between the version Yeracito was using when he posted his print screens and the latest Opnsense version which I'm currently running as I don't have a miscellaneous section under Services / Unbound nor Unbound /General / Custom Options.

Could someone guide me on which Unbound section I should be using to set this up?

Installation;

Let's go to   https://nextdns.io/    and register for free. Once registered you are given a personalised ID and dns.

Opnsense instalation:

- Follow the tutorial explained above for Adguard.

- Unbound - General - Custom Options: add                 ( XXXXXX is a custom ID in NextDns )


server:
      tls-cert-bundle: "/etc/ssl/cert.pem"
  forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 45.90.28.0#XXXXXX.dns1.nextdns.io
    forward-addr: 2a07:a8c0::#XXXXXX.dns1.nextdns.io
    forward-addr: 45.90.30.0#XXXXXX.dns2.nextdns.io
    forward-addr: 2a07:a8c1::#XXXXSS.dns2.nextdns.io

Thanks in advance.

[yeraycito]

Hello, you can do it in the following way.

1 - Go to the NextDns website and copy the address that appears in the Dns over https section: https://dns.nextdns.io/xxxxx

2 - Disable Unbound

3 - In Adguard - Settings - DNS settings you set that address.

[Lxndr]

Hello, you can do it in the following way.

1 - Go to the NextDns website and copy the address that appears in the Dns over https section: https://dns.nextdns.io/xxxxx

2 - Disable Unbound

3 - In Adguard - Settings - DNS settings you set that address.

Thanks Yeraycito

One additional question, is there anyway to keep the Unbound enabled?

[yeraycito]

No, disable Unbound

[Lxndr]

Thanks Yeraycito!

[jonohunt]

I've been using this post as a reference setting up AdGuard was Unbound (very helpful, thanks!), but haven't managed to get hostnames showing in AdGuard, only IP addresses.

I thought of ditching Unbound and using just AdGuard for DNS and DHCP, but then remembered that I'm using overrides in Unbound in order to be able to use Nginx Proxy Manager. I have a FQD with a wildcard certificate to access my web apps (Home Assistant, Plex, Syncthing, etc.) but only internally, not accessible outside of my LAN.

Would doing that still be possible if I were to disable Unbound and only use AdGuard?

[Lxndr]

Hello,

Guys I have a question concerning the use of NextDNS within AdGuard, I have AdGuard running on 2 separate RPIs,  so in case one fails we still have a DNS working, of course OpnSense points to both, my issue here is that First of all, I had to add the relevant https://dns.nextdns.io/xxxxx on the in the Dns upstream session and add the "normal IPs' (45.X.X.X.)in the section below concerning the DNS bootstramp, to get it working on the 1st RPI, but added that same information on the 2nd one I get an error stating that it's impossible to use https://dns.nextdns.io/xxxxx please check that the name is correct.

Not sure what I'm doing wrong here so any advise will be appreciated, please note that if I use the Cloudflare https://family.cloudflare-dns.com/dns-query with the 1.X.X.3 that works for the 2nd RPI, is there a limitation to 1 global device per network for the usage of NextDNS within AdGuard?

Any one has already had this issue, is it the expected behaviour?

thanks in advise for taking the time to help out, any advise will be highly appreciated.

[Nekromantik]

anyway to update adguard?
it has shown me new version notification for few weeks now

[RamSense]

I just hit update in AdGuard Home and it updates itself.

[Nekromantik]

I just hit update in AdGuard Home and it updates itself.

ah I thought it would not work as its a plugin!
thanks

[Lxndr]

Hello,

Guys I have a question concerning the use of NextDNS within AdGuard, I have AdGuard running on 2 separate RPIs,  so in case one fails we still have a DNS working, of course OpnSense points to both, my issue here is that First of all, I had to add the relevant https://dns.nextdns.io/xxxxx on the in the Dns upstream session and add the "normal IPs' (45.X.X.X.)in the section below concerning the DNS bootstramp, to get it working on the 1st RPI, but added that same information on the 2nd one I get an error stating that it's impossible to use https://dns.nextdns.io/xxxxx please check that the name is correct.

Not sure what I'm doing wrong here so any advise will be appreciated, please note that if I use the Cloudflare https://family.cloudflare-dns.com/dns-query with the 1.X.X.3 that works for the 2nd RPI, is there a limitation to 1 global device per network for the usage of NextDNS within AdGuard?

Any one has already had this issue, is it the expected behaviour?

thanks in advise for taking the time to help out, any advise will be highly appreciated.

Anyone to advise on the above please? Thanks

[inlophe]

Hi,

Thank you for the guide. As I'm new to Opnsense, it helps a lot.

I run into one problem though.
My setup is using unbound as resolver, so: LAN -> AdGuard (listening on 53) -> unbound (listening on 53530) -> DoT server. DNS resolution works fine for all the client, adguard's doing its job properly too, except for the router itself.  Tried to ping public domain from the router shell gives me Host name lookup failure and I can't update firmware and plugins because of that.

When I disable AdGuard and change my unbound port back to 53 it works, I can ping and update from the router.

Is there any settings that I should know of?

[wadhwa]

I have extended to backup AdGuardHome.yaml file using Git backup plugin (which is a pre-requisite).

1) login to shell in OpnSense

2) edit actions_adguardhome.conf

Code Select Expand

vi /usr/local/opnsense/service/conf/actions.d/actions_adguardhome.conf

3) Insert following:

Code Select Expand

[backup]
command:cp /usr/local/AdGuardHome/AdGuardHome.yaml /conf/backup/git ; cd /conf/backup/git; git add AdGuardHome.yaml; git commit -m "Adguard Config changes on `date`" AdGuardHome.yaml
parameters:
type:script
message:backing up Adguardhome config
description:Backup Adguardhome config

See 1.png attached

5)  Restart configd

Code Select Expand

service configd restart

6) Configure Corn job in Web UI

See 2.png attached

7) Result See 3.png attached