Using a WireGuard VPN on Flint2 f/w 4.7.0 - VPN Policy Based on Device MAC, and I have added 3 LAN MACs that I only want to use the VPN.
When this is active, for some reason google.com will not work on the clients that are not listed to use the VPN.
Also nslookup fails to work unless it's run like 3 times (on the excluded VPN LANS), which is causing a massive delay on resolving anything and accessing the internet. (AdGuard Home is running as per usual.)
I have this same issue. I've tested it both ways, MAC address to use the VPN and MAC address not to use the VPN. Same outcome. And it isn't just Google, it also screws up the internet connection for my Fire TV, which is set not to even use the VPN. I too have AGH running. It's been an issue ever since the first 4.7 beta on the Flint 2.
He was one step better off than me. Most of the time I can't even get the Fire TV home screen to connect, and if it does, Freevee will never load. I agree with one comment in that thread, it does seem to be a DNS issue.
Who is your VPN provider? When I said I didn't have the issue prior to 4.7 I should also have mentioned prior to 4.7 I was using Mullvad. Since 4.7 I've been switching back and forth between SurfShark and Azire.
Just for shits and giggles I reactivated my Mullvad account and issues disappeared. Using SurfShark or Azire I have the following issues:
Non-VPN traffic: smart TVs, SmartThings hub and ecobee thermostat won't connect at all, or in the case of the TVs they connect but with the previously mentioned issues. My wife's iPhone and iPad won't load Amazon apps.
Computer and laptops using the VPN: I get timeout errors trying to use google.com, amazon.com.
I'm sure I've encountered other issues but this has been so ongoing that I've lost track. The other weird thing is when I turn VPN and AGH off I have to restart the router to get things back to normal. Another glitch I've seen once in a while is when I turn AGH on in the Admin GUI then go to the "advanced" settings page for it, it shows it's off. It's getting aggravating.
I have the same problem here on my network and I have not found a solution yet.
I have set up the WireGuard VPN client with NordVPN using a client device based VPN policy and everything is working fine. Only two clients, where I specified the MAC address, are using the VPN to "surf" the internet.
After a few hours I noticed that my iPhone (I didn't specify the MAC address) started having problems loading the Amazon app content and searching in the browser via Google. I can navigate to other websites without any problem, even new ones that have never been opened in this browser, but I cannot use Google search in the search bar. I also tried a different browser.
At the same time, with an iPad on the same Wi-Fi network, I can use these services without any problems. If I disconnect the VPN client, it works without any issues.
After this, I tried different things, but none of them helped to solve the problem.
I reinstalled the firmware without keeping the settings, and I tried with 4.7.0-op24 and 4.7.4 beta.
I tried to disable AdGuard Home.
From the iPhone, I tried to disconnect the Wi-Fi and connect it again. It works for several minutes and then it's the same problem again.
When my iPhone stops working with Google and Amazon.co.uk, if I change the Wi-Fi DNS to 8.8.8.8 it works again. If I change to the default DNS provided by DHCP (Flint+AdGuard) it breaks again. Disabling protection from the AdGuard Home interface doesn't make a difference.
Hi @relapse, what version did you upgrade AdGuard to?
I tried to upgrade to v0.107.55 and had the same problem with NordVPN.
I also discovered that when I have the problem, AdGuard returns 192.0.0.88 for www.google.com and I think this is the problem.
Could it be that AdGuard is using the VPN tunnel to contact the DNS server? I read on Reddit that the IP 192.0.0.88 and Google is something related to NordVPN.
Same version and I also tried the new v0.107.56. Same problem.
I also tried to reconfigure (remove and reapply) the DNS setting and the VPN policy but no change.
What I can see is that AdGuard resolves www.google.com to 192.0.0.88 and my iPhone, which is not in the VPN policy, cannot reach it and goes into timeout. When I add the iPhone's MAC address to the VPN policy, everything works fine. So I suspect that the problem is AdGuard somehow using the VPN to resolve DNS even if the setting is disabled in the global VPN option.
I seem to have found a solution to this problem.
I've changed the upstream DNS servers in AdGuard from UDP to TLS and it's now been a few hours that my iPhone has been working fine. Before this change, it was failing after 20/30 minutes.