Flint VPN client and AdGuard Home DNS leaks

Hi,

I use a GL-AX1800 / Flint, firmware 3.214 and Adguard home version v0.107.25.

I configured it with a VPN client running WireGuard + VPN policy box all checked and no IP/Domain or MAC address filtering + Do not use VPN for everything => VPN is only applied to the guest network and Adguard home only for the “main”/non guest network. For the other settings, everything is based on a new install:
Custom DNS => the only option checked is “DNS Rebinding Attack Protection”

Adguard home:
1/ Use private reverse DNS resolver checked
2/ Enable reverse resolving of client checked

Since I configured this setup, I never had DNS leaks using the guest network using the VPN client and everything was working perfectly. However, for a couple of days, I have now had a DNS leak with the guest network, with Adguard home DNS (based on a Mullvad check) => couldn’t fix it so I did a revert firmware and redid my config => ok, no leaks. But today, the leaks reappeared.

Do you have any idea about how to fix this issue?

Many thanks,

Is there a problem if you turn off adguardhome and use Cloudflare provided on your router?

Enable Ignore resolv file in LuCI DHCP & DNS page, resolv and hosts settings tab.

I thought about it but:

When I turn off adguardhome, the network connection on the main profile is down (not normal I think?), the only way to recover it is to re-enable adguard or to go into “Custom DNS” and enable DNS over TLS or manual config.

However, the leaks still happen.

@tmash it is already enabled by default.

ps: in adguard home, in runtime clients => all the internal guest clients appear here, is this normal, shouldn’t they be excluded?

Do you have the correct DNS setup in the Adguardhome page DNS settings not GL.iNet User Interface (GUI) DNS settings?

Also, is there an edit host button on the GUI DNS page that needs to be cleared out sometimes? (It's been a while since I used 3.214.)

Your devices, if you set up a VPN app, could be hard-coded with a certain DNS and need to be changed in the device's settings.

It is normal to need to configure the router's DNS, but there should be an auto upstream option somewhere (on another settings page in the GUI).

Is override DNS enabled for all clients, or strict order, or how is AdGuard's DNS queuing set up? (This might not be an option because of how the main network and guest network DNS is configured.)

https://docs.gl-inet.com/en/3/troubleshooting/override_dns_settings_for_all_clients_not_take_effect/

Maybe you can try the latest 4.1 firmware.
https://dl.gl-inet.com/?model=ax1800

What do you mean by “correct DNS setup”? Everything is base configuration, I just changed the upstream DNS server to: https://dns-unfiltered.adguard.com/dns-query

I didn’t find the button unfortunately.

Regarding the hard-coded DNS, not sure, if I’m connecting to my VPN app, the DNS goes through the VPN provider, not the selected adguard home one.

It is strange indeed, I don’t find the upstream option in the DNS settings => I suppose it is Cloudflare and you can change it with a custom one.

I tried both changes explained in the docs but the DNS is always the adguard home one and not the VPN provider's one. The only option I’m thinking of is reverting firmware and just not enabling adguard home.

@luochongjun Yes I will think about that, is it stable enough to upgrade? I read Wi-Fi throughput was reduced after the upgrade?

Thanks to both of you

Adguardhome has another settings page (your default gateway :3000, e.g. 192.168.1.1:3000) (if you go to the GUI DNS there is a long paragraph talking about adguardhome and I think in the middle or at the end there is a link to adguardhome settings) that you can set up with custom lists, DNS server queries and such.

This version has been officially released and WIFI performance is not much different.