Pihole destroyed VPN

Routers VPN, DNS, Leaks
1

I have the following problem: I have a network with a FRITZ!Box, and a WireGuard server is running on this FRITZ!Box. Using the WireGuard server, I can access my home network remotely.

In my home network, I have a Raspberry Pi running Pi-hole. The Pi-hole has the IP address 192.168.201.254. I installed Pi-hole on the Raspberry Pi after setting up WireGuard on the FRITZ!Box.

The problem now is that I can still access everything with all other devices — for example, using the WireGuard app on my iPhone or on my computer — and everything works perfectly. However, I can’t access my home network using my travel router, the GL.iNet GL-MT3000.

The travel router has the local IP address 192.168.10.1. I already set the DNS on the travel router to point to the Pi-hole IP address, but the travel router still can’t connect to the network.

What could be the reason? As I said, it works flawlessly with all other devices via WireGuard, just not through the travel router.

3
  1. Verify WireGuard Config Consistency
    Compare Configs: Check the WireGuard settings on your phone/computer vs. the GL-MT3000. Ensure:
    Endpoint (server IP:port) is correct.
    AllowedIPs includes your home network (e.g., 192.168.201.0/24) and 0.0.0.0/0
    PersistentKeepalive matches (e.g., 25).
    Re-import VPN Configure
  2. Test Pi-hole DNS:
    SSH into the GL-MT3000
    nslookup example.com 192.168.201.254

If it fails:
Allow 192.168.10.0/24 in Pi-hole’s DNS settings (Settings → DNS → Interface).
Check FRITZ!Box firewall for UDP 53 (DNS) blocking.
Add Missing Routes:
Run ip route show on the GL-MT3000. If your home network (192.168.201.0/24) isn’t routed via wg0, add it:

ip route add 192.168.201.0/24 dev wg0

  1. Check Travel Router Limits
    Firmware & Reset:
    Update the GL-MT3000 to the latest firmware. If issues persist, factory reset and reconfigure.
    Firewall/NAT:
    Disable strict firewall rules on the GL-MT3000 (temporarily) and ensure NAT is enabled for WireGuard traffic.
  2. Verify Home Network
    Check WireGuard Server Logs:
    Look for connection attempts from the GL-MT3000 in your FRITZ!Box’s WireGuard logs.
    Pi-hole Query Log:
    Check if requests from 192.168.10.x are blocked in Pi-hole’s Query Log.