Wireguard VPN (road warrior) & selective routing to Wireguard end point w PiHole

Started by Lost_Ones, April 30, 2023, 03:37:40 AM

I may be making this more complicated than necessary, but I am hoping there is a solution that I am not seeing.

Using the OPNsense documentation for both road warrior and selective routing to a Mullvad WireGuard endpoint, I have both working. Finally :)

For example, I can re-IP my host to one that matches an Alias that is allowed to use the Mullvad VPN, and DNS is resolved locally on my PiHole. Additionally, I can VPN back to my OPNsense from my cell phone while also using my PiHole. Now, if I were to try to mash the two together, such as adding the phone's IP to the Alias list that is allowed to use Mullvad, I do get to the desired endpoint, but I am not using my local PiHole for DNS.

Here is my outbound NAT. Allowed Mullvad IPs are single host IPs from the LAN net, and there are also 10.10.10.x addresses that are from the WireGuard configurations. (I hope that you are seeing this screenshot, as I can't :) ) These are the same as the documentation here and here:
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
https://docs.opnsense.org/manual/how-tos/wireguard-client-mullvad.html

The WireGuard and LAN rules are basically the same, where the host alias list is allowed to RFC1918 and then out Mullvad_GW.

I feel that if I have a working VPN connection back to OPNsense, and I just added the IP to the Alias, I would be in business. Well, technically I am, but just not using my local DNS via PiHole as I desire. My gut feeling is there is something with NAT, but I cannot visualize this, and I hope I can get pointed in the correct direction.

Thank you for your time,
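An added example, not from the post above or from the OPNsense how-tos it links: a small Python checker that reads a WireGuard road-warrior client config and reports whether each resolver listed under `DNS =` (the PiHole on the LAN, in this setup) lies inside the peer's `AllowedIPs`. If it does not, the client's DNS queries never enter the tunnel and are answered by whatever resolver the phone or laptop already has, which is one reason a tunnelled client can reach the Mullvad endpoint while bypassing the local PiHole. The keys, addresses and hostnames in the sample configs are constructed placeholders, as is the `10.10.10.0/24` tunnel net used to mirror the 10.10.10.x addresses mentioned in the post.

```python
import configparser
import ipaddress

# Constructed sample: DNS points at a LAN PiHole and the LAN net is in AllowedIPs.
GOOD_CONF = """\
[Interface]
PrivateKey = <client-private-key-placeholder>
Address = 10.10.10.2/32
DNS = 192.168.1.5

[Peer]
PublicKey = <server-public-key-placeholder>
AllowedIPs = 10.10.10.0/24, 192.168.1.0/24
Endpoint = vpn.example.invalid:51820
"""

# Constructed sample: split tunnel that only routes the WireGuard net, so the
# PiHole address is reachable only outside the tunnel (i.e. not at all when roaming).
SPLIT_CONF = """\
[Interface]
PrivateKey = <client-private-key-placeholder>
Address = 10.10.10.2/32
DNS = 192.168.1.5

[Peer]
PublicKey = <server-public-key-placeholder>
AllowedIPs = 10.10.10.0/24
Endpoint = vpn.example.invalid:51820
"""

# Constructed sample: no DNS directive at all; the client keeps its existing resolver.
NO_DNS_CONF = """\
[Interface]
PrivateKey = <client-private-key-placeholder>
Address = 10.10.10.2/32

[Peer]
PublicKey = <server-public-key-placeholder>
AllowedIPs = 0.0.0.0/0
Endpoint = vpn.example.invalid:51820
"""


def parse_wg_client(conf_text):
    """Return (dns_addresses, allowed_networks) from a wg-quick style client config."""
    cp = configparser.ConfigParser(strict=False, interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep key case so 'DNS' and 'AllowedIPs' are found as written
    cp.read_string(conf_text)
    dns_raw = cp.get("Interface", "DNS", fallback="")
    allowed_raw = cp.get("Peer", "AllowedIPs", fallback="")
    dns = [ipaddress.ip_address(x.strip()) for x in dns_raw.split(",") if x.strip()]
    allowed = [ipaddress.ip_network(x.strip(), strict=False)
               for x in allowed_raw.split(",") if x.strip()]
    return dns, allowed


def dns_routing_report(conf_text):
    """Classify each DNS server as routed through the tunnel (inside AllowedIPs) or not."""
    dns, allowed = parse_wg_client(conf_text)
    routed = [str(d) for d in dns if any(d in net for net in allowed)]
    unrouted = [str(d) for d in dns if not any(d in net for net in allowed)]
    return {
        "has_dns": bool(dns),
        "dns": [str(d) for d in dns],
        "routed": routed,
        "unrouted": unrouted,
    }


if __name__ == "__main__":
    for name, conf in (("good", GOOD_CONF), ("split", SPLIT_CONF), ("no-dns", NO_DNS_CONF)):
        rep = dns_routing_report(conf)
        if not rep["has_dns"]:
            print(f"{name}: no DNS directive; client keeps its current resolver")
        elif rep["unrouted"]:
            print(f"{name}: DNS {rep['unrouted']} is outside AllowedIPs, queries bypass the tunnel")
        else:
            print(f"{name}: DNS {rep['routed']} is reachable through the tunnel")
```

Run it against the exported client config from OPNsense to see which resolver the road-warrior peer will actually use; whether the firewall then forwards that traffic to the PiHole or policy-routes it out the Mullvad gateway is a separate, server-side rule question.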