Can you post the self-hosted Wireguard config file (with the keys redacted)? What is the IP address that it assigns to the client and does it assign a DNS to the client?
If I understand your network setup correctly, the Wireguard config may be assigning the client with IP address 10.13.37.x. The pi-hole has IP address 10.13.37.50 and is on the LAN side of the router, so it is not reachable because the router VPN client goes through the WAN side. Tethering is on the WAN side and DNS 10.13.37.50 is shown on your “Tethering” screenshot.
The android cellphone and laptop may be working because they are on the LAN side of the router, so the the pi-hole on the LAN side is reachable.
Wireguard is a vpn technology, that is used outside of your wifi to access your local lan via foreign wifi or mobile network…
But due to its flawless roaming functionality it doesn’t matter, if you still use it, when you are back home in your own wifi, where you are in you local lan… its just more overhead and maybe slower…
The dns is defined in the client wireguard config with the option DNS … So the client wireguard daemon sets the dns setting… the server does not push the setting as you might know from openvpn…
The network witch wireguard uses internal is of course another subnet as the hom lan network…
The openvpn side of the gl.net software uses a /etc/openvpn/update-resolv-conf
Maybe Wireguard needs a similar script for changing the dns after proper connection to the server…
By the way I moved to another location and i am using wifi as wan connection now…
Problem still persists… I manually edit /etc/resolv.conf after proper wireguard connection, because the dns submitted via wifi connection from my wan provider can’t be reached afterwards…
After changing resolv.conf “opkg update” finds its servers again…
I just pulled the latest beta firmware to my Beryl and I can confirm it’s still not using my wireguard DNS.
I did just find though that if I go in to LuCI → Network → DHCP and DNS: all the settings look right and if I just hit save & apply it updates /etc/resolv.conf and work correctly. Sounds like something needs updated in the script for activating/connecting wireguard to complete the DNS change over assuming the field is populated…
UPDATE/CORRECTION - the router itself (SSH) would now use the proper DNS…however, connected clients do not.
I am also experiencing DNS issues using a Wireguard client file on my GL-MT1300 using an upgraded beta version of the firmware openwrt-mt1300-4.1.0-1107-1667792228.bin. I also experienced the problem on older versions of the firmware.
The router seems to use DNS servers from my VPS, which is in this case from the network Vultr, instead of the DNS servers specified by the Wireguard server. When I connect directly to the Wireguard server from my laptop, instead of connecting to the Wireguard server at the router level, the correct DNS servers are used.
I think I may also be experiencing this DNS issue with WireGuard. I self host my WireGuard server at my house. I have Android clients that work as expected and use the DNS provided by my WireGuard server. The WireGuard client config includes DNS = 192.168.1.1 which is the IP address of my router that is hosting the WireGuard server. I am using similarly generated config file on my X3000 but devices connected to X3000 are using the DNS servers entered in X3000 settings.
Edit: firmware 4.3.1.
Edit 2: the tunnel is working properly otherwise. The clients reported IP address is the IP address of the server.
I’m experiencing this issue as well. My GL-MT1300 Beryl (firmware 4.3.7) does not honour the DNS settings from the Wireguard client. I can reach the Wireguard DNS when I specify it in nslookup, but the Beryl still uses the DNS server from the WAN.
Oh, I also noticed that the GL.iNet UI doesn’t respect valid Wireguard configuration options. For example, Wireguard lets you add search domains (as text) to the Interface.DNS field, but the GL.iNet interface only lets you add numeric values, limiting you to adding only DNS servers.
I also have this problem (MT1300 and SFT1200), not only for WG, also for OpenVPN. This problem appeared when I switched from Firmware V3 to V4. It is a shame that they have not yet solved it, I saw a lot of threads complaining about this since quite a long time.
The 4.x firmware not does hornor DNS settings in the wireguard and openvpn.
If you have an issue just open a separate thread with details. This is a 5 year old post.
The last problem which posted in Jan is talking about another issue.