WireGuard and internal DNS

2024-11-06 14:20:56 - last edited 2024-11-07 00:07:27
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.6

 

I am currently trying to set things up so that I can use my ER605 as my WireGuard VPN client. I have been able to set it all up so that I can connect to the router and surf the internet. The problem is that when I do connect to my VPN, it appears not to be using my internal DNS server, which is running Pi-hole.

In the past I have been able to have things running by connecting to an internal device that is running WireGuard via Docker, and that seems to work as expected. I really would prefer to move this to my router.

Since most of the Docker tutorials etc. are pretty basic, I totally understand that I lack some of the advanced networking knowledge; I have just started to dive into advanced business networking gear.

I have attached some of the configurations below for my setup and I hope that someone can guide me with what I am doing wrong.

 

 

Peer Set up

 

Laptop Config

 

 

Thank you for taking the time!

6 Reply
Re: WireGuard and internal DNS
2024-11-06 17:33:01

  @CeApollo

You must not use the same IP in the VPN tunnel as you have on the LAN; they must not overlap. Also, don't use a /24 network in the VPN; use /32 on server and client, /32 on each peer with a unique IP and key.
Then you set 192.168.5.2 as DNS on the WireGuard client.

 

Re: WireGuard and internal DNS
2024-11-06 18:16:34

  @MR.S

Thanks for the feedback!

So if I understand you correctly, I need to set it up as follows for my peer

I am using a different IP address than my LAN.

Do I also need to change that on my WireGuard setup for my Local IP Address?

I had also adjusted my Interface to use 10.0.0.4/32 for the Address. Even with this setup it is still not communicating with my DNS server on 192.168.5.2, which I have also set up.

I appreciate your help!

Re: WireGuard and internal DNS
2024-11-06 18:31:08

  @CeApollo

No, the VPN interface IP should not overlap with any LAN IP. Can you ping anything at all? Can you get a ping from 1.1.1.1?

 

Re: WireGuard and internal DNS
2024-11-06 18:51:07

  @MR.S

Thanks again for the feedback.

I have made the following adjustments to the WireGuard setting and the Peer Setting.

I am able to ping 1.1.1.1 and I am also able to ping all of the other devices on my network 192.168.5.0/24. I am also able to pull up the devices if I put their IP address into the browser.

The problem is that I have quite a few reverse proxies set up in my office. They are all on my Pi-hole (192.168.5.2), which then point to my traffic container. This is the part that is not working. So when I go to router.customized.local.domain, it fails to load my Omada controller.

With my other setup (WireGuard installed on a machine via Docker), this is all working with my customized domains.

I might have to look more into this.

I appreciate your time!

Re: WireGuard and internal DNS
2024-11-06 18:56:04

  @CeApollo

Oh, so you need a DNS suffix in the WireGuard tunnel. Put this in your WireGuard file:
DNS = 192.168.5.2, customized.local.domain

Re: WireGuard and internal DNS-Solution
2024-11-07 00:07:23 - last edited 2024-11-07 00:07:27

  @MR.S

Thank you for your help in helping me actually dive deeper into the issue. The issue had nothing to do with the WireGuard setup!

I had to change my Pi-hole DNS interface settings to "Permit all origins"

Thank you again for your help solving this issue.

Cheers,

Recommended Solution
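Both causes raised in this thread, the client file's addressing and DNS settings and the resolver refusing non-local sources, can be checked offline. The following is an added example, not code from the posters or from TP-Link: it parses a wg-quick style client file and reports each issue. The sample file, its placeholder keys, the AllowedIPs value, the policy labels `local-only` and `all-origins`, and the model of a local-only resolver as "source must be inside the resolver's own subnet, with no NAT on the router" are assumptions.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.5.0/24")      # LAN subnet named in the thread
RESOLVER = ipaddress.ip_address("192.168.5.2")    # Pi-hole address named in the thread

# Constructed sample client file; keys are placeholders, AllowedIPs is assumed.
SAMPLE = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.0.0.4/32
DNS = 192.168.5.2, customized.local.domain
[Peer]
PublicKey = <router-public-key>
AllowedIPs = 0.0.0.0/0
"""

def parse(text):
    """Return {section: {key: [values]}} for a wg-quick style file."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            section = conf.setdefault(line.strip("[]"), {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            section.setdefault(key.strip(), []).extend(
                v.strip() for v in value.split(",") if v.strip())
    return conf

def check(text, resolver_policy="local-only"):
    """List problems; resolver_policy is a hypothetical label, not a Pi-hole key."""
    conf, findings = parse(text), []
    iface, peer = conf.get("Interface", {}), conf.get("Peer", {})
    addrs = [ipaddress.ip_interface(a) for a in iface.get("Address", [])]
    for a in addrs:
        if a.network.overlaps(LAN):
            findings.append(f"tunnel address {a} overlaps LAN {LAN}")
        if a.network.prefixlen != a.network.max_prefixlen:
            findings.append(f"tunnel address {a} is not a single-host prefix")
    if str(RESOLVER) not in iface.get("DNS", []):
        findings.append(f"DNS does not list {RESOLVER}")
    nets = [ipaddress.ip_network(n, strict=False) for n in peer.get("AllowedIPs", [])]
    if not any(RESOLVER in n for n in nets):
        findings.append(f"AllowedIPs does not route {RESOLVER} through the tunnel")
    # Assumption: no NAT on the router, so the resolver sees the tunnel source address.
    if resolver_policy == "local-only" and any(a.ip not in LAN for a in addrs):
        findings.append("resolver only answers its own subnet; tunnel source is outside it")
    return findings
```

With "Permit all origins" the resolver answers any source that can reach port 53, so that port should stay unreachable from the WAN.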