Adguard Home, Port Forwarding for Wireguard to show clients

I was looking at the solution of this thread and I was wondering if there's any reason why this would be a bad idea to do in order to get AdguardHome to show me the requests from my Wireguard Clients

The thread I'm refering too:
GL-MV1000 with AdGuard all clients show as localhost:

This is my port forward to get the WgClients to report to AGH:


And the result in the log (Top line, with the port forward enabled, bottom disabled)

Thanks

The only problem with AdGuard Home handling the clients directly is that VPN policies won’t work anymore.

Isn't that getting fixed in 4.6 anyway?

Image

I'm asking more if it is in any way insecure or can cause a conflict to redirect the DNS port to my Wireguard clients (The ones that connect to me as server)

No, it's not fixed because you can't fix it. It is by design.

Seems the first post is talking about clients from VPN, while the following post is talking clients connected on LAN.

Clients in LAN surely can appear in Adguard Home. The MV1000 post is so old now.

Clients from LAN (192.168.8.1/24) appear correctly in the query log.
Clients from Wireguard (10.0.0.1/24) appeared as requests from localhost (127.0.0.1). After adding that port forward rule (taking the idea from that old post), now they report as individual client requests (Ie 10.0.0.2) and I can create rules and exceptions for them.

My question is if that would expose my system or cause conflict. I'm assuming it "shouldn't", since the only ones with access to my network would be the Wireguard clients but I rather ask than just assume.

Is doing this safe, right?

I think it should be OK.

I am checking with developers to see if we can include vpn clients directly to adguard home.

1 Like

That would actually be awesome. :+1:t2:
Thank you very much!