Wireguard+Adguard

Started by yeraycito, April 01, 2021, 03:27:21 PM

1 - I have installed wireguard following this tutorial https://homenetworkguy.com/how-to/configure-wireguard-opnsense/  without putting any dns server in the Local section of the wireguard configuration.

2 - I have installed the Adguard plugin according to this tutorial https://forum.opnsense.org/index.php?topic=22162.msg85979;boardseen#new

3 - I use Nextdns

4 - On an Android phone I install wireguard

Problems:

- Without setting dns servers in the wireguard server/client configuration the connection is perfect but looking at the Adguard logs I do NOT see the mobile connection. If I enter NextDNS via the web (not Adguard), these records do appear.

- If in the wireguard server/client configuration I set the dns servers 192.168.1.1 when I look at the logs of the Adguard plugin, the mobile connection does appear. However, although the connection is perfect, I don't have internet on my mobile.
If I remove the dns from the wireguard configuration I have internet on my mobile but the records do NOT appear in the Adguard plugin, they DO appear on the NextDNS website.


Hi Yeraycito,

Were you able to solve the problem? I seem to be having the same issue. If I have the adguard plugin running I am able to access the LAN, but no internet.

If I disable the adguard plugin and use unbound dns, I am able to access the internet.

Hello, the problem is not solved. If you activate the dns in the wireguard configuration with adguard activated there is no internet connection. However, if you do not activate the dns in the wireguard configuration there is an internet connection without problems but no records appear in adguard.

Ok, thanks. I had a spare raspberry pi so I am running adguard home on it now so I can have the ad blocking on wireguard.

I had the same problem.
I had internet again when I entered the Wireguard server address as DNS in the clients.

Problem solved. Configuration in Opnsense:

1 - VPN - Wireguard - Local:

Tunnel Address: 10.0.0.1/24 ( example )

Dns Server: EMPTY

2 - Firewall - Rules - WG:  Add rule:

Action: Pass, tcp: ipv4, Protocol: any, Source: WG net, Destination: any

3 - Firewall - Rules - Wireguard: Add rule:

Action: Pass, tcp: ipv4, Protocol: any, Source: WireGuard net, Destination: any

4 - Smartphone client wireguard:

Edit configuration: DNS servers: 10.0.0.1

To those who have successfully got a handshake (a number other than 0) under VPN / Wireguard / Handshakes but have issues with DNS (I was getting DNS_PROBE_POSSIBLE in the browser), make sure that the DNS servers field on the Wireguard android app has the same IP as the IP under VPN / Wireguard / Local - Tunnel Addresses column (without / CIDR).

Thank you Thank you Thank you!

Thanks for the info.
Now I have my android cell constantly connected with wireguard to the home opn and clean navigation without using particular apps and also bypassing YouTube/Chrome advertisements.
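
The fix reported in the "Problem solved" post and the follow-up about the DNS servers field can be checked against an exported client config. This is an added example, not code from any poster or from OPNsense; the sample config, its placeholder keys, the endpoint name and the `check_client_dns` helper are all constructed for illustration.

```python
import configparser
import ipaddress

# Constructed sample client config; keys and endpoint are placeholders.
SAMPLE_CLIENT_CONF = """
[Interface]
PrivateKey = <client-private-key>
Address = 10.0.0.2/32
DNS = 10.0.0.1

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = 0.0.0.0/0
"""

def check_client_dns(client_conf, server_tunnel_address):
    """Return a list of problems; an empty list means DNS matches the thread's fix."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(client_conf)
    server_ip = ipaddress.ip_interface(server_tunnel_address).ip  # drops the /CIDR
    dns_raw = cp.get("Interface", "DNS", fallback="")
    entries = [e.strip() for e in dns_raw.split(",") if e.strip()]
    if not entries:
        return ["no DNS set: the client keeps using its own resolver"]
    allowed_raw = cp.get("Peer", "AllowedIPs", fallback="")
    allowed = [ipaddress.ip_network(n.strip(), strict=False)
               for n in allowed_raw.split(",") if n.strip()]
    problems = []
    for entry in entries:
        try:
            dns_ip = ipaddress.ip_address(entry)
        except ValueError:
            # Covers "10.0.0.1/24" as well as names, which this check does not accept.
            problems.append(f"{entry}: not a bare IP address (remove any /CIDR suffix)")
            continue
        if dns_ip != server_ip:
            problems.append(f"{entry}: differs from tunnel address {server_ip}")
        if not any(dns_ip in net for net in allowed):
            problems.append(f"{entry}: not covered by AllowedIPs, so not sent via the tunnel")
    return problems

if __name__ == "__main__":
    for conf_dns in ("10.0.0.1", "192.168.1.1", "10.0.0.1/24"):
        conf = SAMPLE_CLIENT_CONF.replace("DNS = 10.0.0.1", f"DNS = {conf_dns}")
        print(conf_dns, "->", check_client_dns(conf, "10.0.0.1/24") or "OK")
```
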