Adguard in flint2 router. If anyone understands…
Do I need to configure an SSL certificate in the adguard interface and have a static IP address from the rights provider? Or does ssl adguard use the settings of the flint 2 router itself and do without uploading the ssl certificate to the adguard panel?
Is it possible to use flint2 adguard+vpn in a router?
If an ssl certificate is still needed for adguard in the router, will you have to update it yourself and control the validity period (letsencrtpt)?
I would be grateful if you could tell me which settings I need to change for the best performance and maximum efficiency.
I will be very grateful to you for your detailed answers and discussions.
Thank you for taking the time to answer, but I want to make it clear in the clear and maximum solution of the settings both for myself and maybe it will help other users
Thanks for the answers. A little confused. As far as I understand, the best solution for adguard settings for maximum efficiency and security of router clients is:
Settings->General settings->Logs configuration->enable log OFF
Settings->DNS settings->Upstream DNS servers https://dns.adguard-dns.com/dns-query
or other DNS
Settings->Client settings->Persistent clients
It’s empty and you don’t need to enter anything here
Filters->DNS blocklists and Select lists for filters
Everything else is left untouched.
Admin Panel Gl.Inet flint2
Aplications->Adguard Home->Enable AdGuard Home ON
AdGuard Home Handle Client Requests OFF
Network->DNS->Override DNS Settings for All Clients ON
Are these the best settings in security? Did I understand you correctly?
You can use upstream as @admon advised for public dns server. If you want specific control Adguard dns server then create new account in website and put upstream in your AdGuard Home and private dns on your mobile . Remember limited queries per month for free user, should be enough for you. Paid user from Adguard vpn for extra queries.
About ssl in your AdGuard Home is not recomend, you can use local. This about make your ssl dns resolver. Your isp will be warning letter or email for dangerous thing to do if you open port forward.
Do you mean to leave the “Certificates” page in adguard home blank and not fill in anything here? And just fill in Upstream DNS servers with Adguard personal DNS from your personal account? Will my ISP or someone else be able to come in and see my requests? Will it be encrypted? Thank you for taking the time to answer my questions.
I bought the paid version of Adguard. There I created separate devices for DNS control.