WireGuard on GL-A1300 not propagating custom DNS settings / Can't resolve local hostnames over WireGuard via GL-A1300

So my setup (the important parts) looks as follows:

Type IP Description
Router My router, a FritzBox
LXC Container AdGuard. Used as my DNS resolver with configured DNS rewrites for local services
LXC Container WireGuard

Now if I create a wireguard config (in the WireGuard LXC container) it looks like this

Address =
PrivateKey = zTV...

PublicKey = 5Eo...
PresharedKey = Rgt...
AllowedIPs =, ::/0
Endpoint = mydomain.com:51820
PersistentKeepalive = 25

Using those configs on my computer or android phone works AND the local hostnames resolve without a problem.

Now I got myself a GL.iNet Slate Plus (GL-A1300) which I want to use for traveling. I created a new wireguard config and imported it to the device. When I connect my computer or phone to the WLAN of the GL-A1300 (with WireGuard running on the GL-A1300) then I'm able to access the internet and access my local services via IP (eg. but I'm unable to access them via their hostname configured in AdGuards DNS rewrites.

Since resolving of the local hostnames over WireGuard is working when I'm using it directly on my computer or phone, my guess is that it's a (configuration) problem with the GL-A1300 but I figured asking here won't hurt since someone here might be running a similiar setup.

Oh and I've already tried adding my local suffix to the DNS line of the config and adding the IP of my DNS server to the list of allowed IPs like so

DNS =, fritz.box
AllowedIPs =, ::/0,

But that brought no change.

Already posted to Reddit but go no reply there either.

Could you please check if DNS Rebinding Attack Protection is enabled on your A1300?

I'll check that and report back, thanks for the reply. In the meantime here's an in-depth analysis by /u/pp6000v2 from reddit.


it's changing the file at every boot or WAN change. It got the DNS server from my home DHCP server flags. So either WG's configured DNS server isn't being passed through when the tunnel is brought up, or a change to include it would need to be made inside the Network > Interfaces tab and/or /etc/config/network

Full post from reddit:

Ok, I just checked. Network - DNS - DNS Rebinding Attack Protection is turned OFF.