I had trouble finding relevant information in the forum, apologies in advance if this has been answered before.
I have a flint 2 v4.8.3 and was successful setting up a wireguard client. I can specify clients and clients traffic routes through the VPN just fine. I can also sudo -g explicit_vpn ping 1.1.1.1 and get responses. However sudo -g explicit_vpn curl ifconfig.co gives cannot resolve host. I can only resolve with Network→DNS→DNS Server Settings as encrypted DNS, either TLS or HTTPS works fine; anything else can't resolve any host using explicit_vpn. Any pointers appreciated!
By default, the router will use the DNS obtained from the WAN as its local resolver. Meanwhile, commands executed via the explicit_vpn group will be routed through the VPN.
As a result, if the DNS obtained from the WAN is not accessible within the VPN network, DNS resolution issues may occur.
If an encrypted DNS is configured, requests originating from the router itself will also be resolved using the encrypted DNS. Since these public DNS services are generally accessible within the VPN network, this typically avoids resolution issues.
We recommend using encrypted DNS in this situation.
Thanks for the reply! In my specific use case I would like to enable adguard home for my non VPN clients, and since every other configuration other than encrypted DNS won't work with explicit_vpn I’m stuck besides trying to get an adguard home docker set up. I tried to look at generate_adguard_rules in firewall.dnsorder but can’t make much sense out of it. Is there anything I can do in this scenario?
Could you please clarify your requirements further?
By default, the built-in AdGuard Home on the router handles DNS requests for all LAN devices—not just those listed under the VPN policy mode client list.
Right - I want to enable adguard home for all devices connected as well as routing transmission traffic through a wireguard VPN. I can route the traffic fine by starting transmission through the explicit_vpn user group, but that user group cannot resolve any host unless I enable the encrypted DNS option. adguard home overwrites any DNS options and explicit_vpn also couldn't resolve host with it.
Perfect, thank you. The WAN DNS was somehow set to my ISP’s in /etc/resolv.conf and now it seems to work as expected after forcing the WAN DNS to a public one.
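
A way to check for the condition discussed in this thread (a resolver learned from the WAN that cannot be reached once traffic is routed through the VPN), as an added example that is not part of any post and is not GL.iNet code. It assumes the resolver list is in /etc/resolv.conf as mentioned above, that nslookup accepts the "nslookup NAME SERVER" form, and that sudo -g explicit_vpn works as in the first post; the function names and the RESOLV_CONF, VPN_GROUP and PROBE_NAME variables are made up for this sketch.

```shell
#!/bin/sh
# Added diagnostic sketch: for every resolver the router uses, test whether a
# lookup sent to it still works when the process runs in the VPN-routed group.
# Assumed defaults (override through the environment):
RESOLV_CONF="${RESOLV_CONF:-/etc/resolv.conf}"   # path mentioned in the thread
VPN_GROUP="${VPN_GROUP:-explicit_vpn}"           # group used in the thread
PROBE_NAME="${PROBE_NAME:-ifconfig.co}"          # host name used in the thread

# Print each nameserver address found in a resolv.conf-style file, one per line.
list_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Succeed if the address is loopback, meaning a local forwarder answers the query.
is_loopback() {
    case "$1" in
        127.*|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# Ask one resolver for PROBE_NAME from inside the VPN group; prints "ok" or "fail".
probe_via_vpn() {
    if sudo -g "$VPN_GROUP" nslookup "$PROBE_NAME" "$1" >/dev/null 2>&1; then
        echo ok
    else
        echo fail
    fi
}

# One line per resolver. "fail" marks a resolver that is unreachable over the VPN.
report() {
    for ns in $(list_nameservers "$RESOLV_CONF"); do
        if is_loopback "$ns"; then
            echo "$ns: loopback forwarder, probe skipped"
        else
            echo "$ns via $VPN_GROUP: $(probe_via_vpn "$ns")"
        fi
    done
}

# Only touch the network when explicitly asked: sh thisfile.sh run
if [ "${1:-}" = "run" ]; then
    report
fi
```

A resolver reported as "fail" here while ping 1.1.1.1 through the same group succeeds matches the symptom in the first post.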