VPN policy must also be configured so that all internal connections to the router went through the VPN.
Could you elaborate on the kill switch?
My main problem is that when the dns is routed via AdGuard, it’s causing a leak and geo-restrictions cannot be bypassed!
Use VPN for all process on the router: Generally, the traffic of all processes running on the router such as GoodCloud will be routed through VPN if there is a connected VPN client (e.g. WireGuard, OpenVPN). In this case, these processes will lose Internet if VPN is disconnected. In order to ensure a proper operation of these processes, you can disable this option. As a result, they will not use VPN.
See next post. This should work.
It works for me, please indicate here if it works in your case.
Hey, so I don’t think we are talking about the same thing. The main issue here is that when you enable the AdGuard process via the GL GUI, DNS requests are being forwarded to 127.0.0.1#3053 (meaning to the AdGuard instance running) and essentially VPN clients are forced to route their traffic via AdGuard.
Now this causes a DNS leak and it unfortunately breaks various websites that enforce geo-restrictions.
Whenever I go to download the file for my AR750 I get an XML error… am I doing something wrong?
What is it like? Can you send a screenshot?
You should download firmware from https://dl.gl-inet.com/
How did you got that link? You should search via GL.iNet download center and download the firmware that the router shows you.
It’s the links that the OP who started this thread posted to get the customized firmware with adguard home installed.
The links in the first post are dead, @luochongjun needs to update them
I see. It is an old post and I just updated.
Update on Feb 14, 2022
AdguardHome is available for S1300, MV1000 and AX1800.
Routers like AR750S, MT1300, B1300 can also run AdguardHome but they may not be powerful enough to run it smoothly.
Please update to firmware 3.105 and newer.
If the firmware does not comes with AdguardHome by default, pls update Plugins and install gl-agh-stats
@luochongjun Why does the Adguard only display the router itself as a client? I experience this behaviour also when using an alternative DNS server (Pi-hole). From your screenshot i see the same behaviour.
Because the clients are not querying AdGuard server directly. GL-AX1800 have dnsmasq binded to the default DNS port (53) and AdGuard binded to port 3053.
I tried to disable dnsmasq DNS by configuring it to bind to another port but it doesn’t work as expected and that left DHCP in a broken state. The solution was to remove dnsmasq and use odhcpd instead.
I don’t recommend messing with this unless you know what you’re doing. But it basically you have to connect via SSH to the router, edit AdGuard conf to bind DNS to 53 and follow instructions from the link bellow to remove dnsmasq and set up odhcpd.
Apparently everything is working as it should but I haven’t rebooted yet.
EDIT: I had to manually add odhcpd to the startup.
Here I found a the solution to the problem; Source of DNS queries not seen in adguard of alternative dns server like Pi-hole - #8 by wcs2228
I successfully disabled DNS functionality in dnsmasq and enabled AdGuardHome as DNS server.
Stop dnsmasq and AdGuardHome:
In /etc/config/dhcp, replace the following lines:
option noresolv ‘1’
list server ‘127.0.0.1#3053’
option localuse ‘0’
option port ‘0’
In /etc/AdGuardHome/config.yaml, replace:
Start dnsmasq and AdGuardHome:
Back up the 2 files before starting changes and restore the 2 backup files to reverse changes.
EDIT: Configure DHCP server to give DNS as the router’s IP address via LuCI → Network → Interfaces → LAN → Edit → DHCP Server → Advanced Settings → DHCP-Options. Enter the following and click Save, then click Save & Apply:
If you have changed the router’s IP address from the default 192.168.8, then enter the new IP address preceded by “6,”
EDIT: Here is the OpenWRT reference:
I do not work for and I do not have formal association with GL.iNet
Thanks. I did something similar with dnsmasq but through Luci and it left DHCP was broken. I should have edited the config files directly.