VPN Client and DNS Issue

Hi all. I’ve been setting up a Slate 1800AX as a backup router for my network and have run into an issue. When using the VPN Client, I set the policy to “VPN Policy Base on the Client Device” with “Not Use VPN” and one exception added. In other words, all devices should go out the regular WAN except for one. With this setup, it appears the exception client which should use VPN works properly, but all other LAN devices now use the regular DNS rather than going out over what was specified in Adguard. Any ideas?

What is the DNS that the other LAN devices use (not the exception client)?

I do not work for and I do not have formal association with GL.iNet

The other LAN devices use Quad 9 DNS over TLS through Adguard.

I may not be understanding the issue. The other LAN devices should go out through the normal WAN using the regular DNS. If the router is running AdGuardHome, then it would use AdGuardHome via the router’s dnsmasq. Do the LAN devices have their DNS IP set to the router’s IP (e.g., 192.168.8.1)?

It should, but doesn’t. Yes, LAN devices are set to use the router’s IP for DNS. When the VPN client routing policies are active as described in my original post, the DNS of other devices does not go through Adguard as it should and instead uses the WAN’s regular DNS, which is the ISP DNS servers.

Can you check the /etc/config/dhcp file and see if the dnsmasq section has the following lines, which are to forward DNS requests to AdGuard Home?

option noresolv '1'
list server '127.0.0.1#3053'
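
The check described above can be scripted. This is an added example, not part of the thread or GL.iNet's own tooling: it scans only the `dnsmasq` section of a UCI `dhcp` file for the two lines quoted in the post. The function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Usage: check_adguard_forwarding FILE [UPSTREAM]
# UPSTREAM defaults to the address#port quoted in the thread.
check_adguard_forwarding() {
    awk -v want="${2:-127.0.0.1#3053}" -v q="'" '
        { gsub("[" q "\"]", "") }                  # drop UCI quoting
        $1 == "config" { in_dnsmasq = ($2 == "dnsmasq"); next }
        !in_dnsmasq { next }                       # ignore other sections
        $1 == "option" && $2 == "noresolv" && $3 == "1" { noresolv = 1 }
        $1 == "list" && $2 == "server" {
            if ($3 == want) fwd = 1; else extra = extra " " $3
        }
        END {
            if (!noresolv) print "MISSING option noresolv 1: resolv-file upstreams (e.g. ISP DNS) stay in use"
            if (!fwd)      print "MISSING list server " want
            if (extra)     print "NOTE other upstream servers:" extra
            exit ((noresolv && fwd) ? 0 : 1)
        }
    ' "$1"
}

# Constructed sample files, not taken from a real router.
write_samples() {
    cat > "$1/dhcp.good" <<'EOF'
config dnsmasq
    option domainneeded '1'
    option noresolv '1'
    list server '127.0.0.1#3053'

config dhcp 'lan'
    option interface 'lan'
EOF
    cat > "$1/dhcp.leaky" <<'EOF'
config dnsmasq
    option domainneeded '1'
    option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'

config dhcp 'lan'
    option noresolv '1'
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in "$tmp/dhcp.good" "$tmp/dhcp.leaky"; do
    if check_adguard_forwarding "$f"; then echo "$f: OK"; else echo "$f: DNS can bypass AdGuard Home"; fi
done
rm -rf "$tmp"
```

On the router itself, the same function can be pointed at `/etc/config/dhcp`; a non-zero exit status means dnsmasq is not restricted to the AdGuard Home upstream.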

I actually figured out a way to make this work by going into the Luci UI and removing the option to use the ISP assigned DNS. This seems to force it to default to 127.0.0.1.


That sounds like a bug that GL.iNet has to fix.