Noobs Guide to Install PiHole+Open VPN on Nat VPS

I have installed PiHole+Open VPN on a regular VPS before, but somehow I have difficulty getting it to work on the NAT VPS; I have difficulty getting the Split Tunnel part working properly.

In OpenVPN I am looking to set up both a Split Tunnel only for DNS queries and also a Full Tunnel. I searched and couldn't find an easy-to-follow tutorial specific to NAT VPS. Can anybody point me to one or post one? Thanks a lot!!

Comments

  • Have you tried to change the DNS port?

  • InceptionHosting (Hosting Provider, OG)

    @Freek and @nyr may be able to throw some insight on this.

    Thanked by (1)Freek

    https://inceptionhosting.com
    Please do not use the PM system here for Inception Hosting support issues.

  • It's been a while since I used OpenVPN. What do your server and client configs look like? Make sure to redact any private info.

  • edited December 2020

    You are doing it wrong. Now we use ADGuard and Wireguard :)

  • edited December 2020

    I played around with this using one of @AnthonySmith great deals. At the end of the day, I gave up and used a non-NAT server. :-/

  • edited December 2020

    I'll play around with getting wireguard and adguard working on a NAT VPS. I have no interest in OpenVPN or PiHole anymore sadly.

  • @aaronstuder said:
    I'll play around with getting wireguard and adguard working on a NAT VPS. I have no interest in OpenVPN or PiHole anymore sadly.

    You could set standard DNS port 53 on AdGuard if it only listens to the WireGuard interface (IP 10.0.7.xx). I could not get the DoT and DoH features to work on a NAT VPS.

    In the end, you need to add IP address 10.0.7.1 as the DNS server in the WireGuard configuration.

    A simple uptime dashboard using UptimeRobot API https://upy.duo.ovh
    Currently using VPS from BuyVM, GreenCloudVPS, Gullo's, Hetzner, HostHatch, InceptionHosting, LetBox, MaxKVM, MrVM, VirMach.

  • Pi-hole instructions on this matter are comprehensive and they even use my script to set up OpenVPN, so you should be good to go. The server being behind NAT is irrelevant, my installer deals with that.

  • @chocolateshirt said: You could set standard DNS port 53 on AdGuard if it only listens to the WireGuard interface (IP 10.0.7.xx). I could not get the DoT and DoH features to work on a NAT VPS.

    Yeah, sadly I think the best option is to just use a non-NAT VPS.

  • I don't see the point of DNS-based ad blocking anymore; just use uBlock Origin on Firefox, and YouTube Vanced and Bromite (Chromium-based with a built-in ad blocker) on Android.

    Want free vps ? https://microlxc.net

  • @codelock said:
    I don't see the point of DNS-based ad blocking anymore; just use uBlock Origin on Firefox, and YouTube Vanced and Bromite (Chromium-based with a built-in ad blocker) on Android.

    What about everything else on your network? Smart TV, Consoles, etc?

  • This is the port assignment.
    Server is from @Abdullah Webhorizon

    You have been assigned a range of 20 ports on your Shared (NAT) IPv4 address and 1 extra forwarded port for SSH.
    The first 20 ports are based on the last octet of your internal IP, you can use these for anything you want, examples below:
    example: 10.37.130.100 has the following port range usable: 10001-10020
    example: 10.10.10.221 has the following port range forwarded: 22101 - 22120

    I prefer OpenVPN because it plays well with Tasker on my mobile. I can turn on the VPN service when I am on mobile data or unknown WiFi and turn it off when I am on my home WiFi. There is a plugin in Tasker for WireGuard as well, but it never worked well for me.

    Thanks!

  • @Freek said:
    It's been a while since I used OpenVPN. What do your server and client configs look like? Make sure to redact any private info.

    Kindly see above post of mine. Thanks.

  • @Nyr said:
    Pi-hole instructions on this matter are comprehensive and they even use my script to set up OpenVPN, so you should be good to go. The server being behind NAT is irrelevant, my installer deals with that.

    Let me check your script out. Thanks.

  • vyas (OG, Retired)

    PiHole and Noobs in the same sentence mess me up.

    Is he talking Raspberry Pi Noobs, or Newbie noobs ?

  • edited February 2021

    if i have to purchase a pi just for pi-hole which edition (2 or 3 or 4) and ram do you guys recommend?

    is this enough? https://www.pishop.us/product/raspberry-pi-zero/

    thanks.

  • @Aaron said:
    You are doing it wrong. Now we use ADGuard and Wireguard :)

    Guide pls

  • For me once i add the blocklists same as PiHole , Adguard is taking twice the memory

  • @seenu said:
    if i have to purchase a pi just for pi-hole which edition (2 or 3 or 4) and ram do you guys recommend?

    is this enough? https://www.pishop.us/product/raspberry-pi-zero/

    The Zero has no networking at all. You would have to add USB Ethernet or USB WiFi, and then the cost adds up.

    The Zero W has built-in WiFi, but it only supports congested 2.4GHz frequency, and the CPU is outdated ARMv6.
    I bought two units in 2017 and it's frustrating. Not recommended!

    All other base models have the same $35 price. Thus, 4B 2GB is the only reasonable choice.

    Thanked by (2)Not_Oles seenu

    Webhosting24 aff best VPS; ServerFactory aff best VDS; Cloudie best ASN; Huel aff best brotein.

  • @yoursunny said: The Zero has no networking at all. You would have to add USB Ethernet or USB WiFi, and then the cost adds up.

    A USB WiFi dongle is surprisingly cheap... it costs Rs.200/- (~ $3) in India so I can buy one and add it, but if the CPU is outdated and can't run Pi-hole properly then it is a wasted investment.

    i guess i will go with a middle way i.e. 4GB one.

  • Are you looking to set up an ad-free VPN on a NAT VPS?

    1. Install AdGuardHome; the trick is that I use [ipv6]:3000 to complete the install process.

    2. Configure AdGuardHome's AdGuardHome.yaml (127.0.0.1 -> your internal IP address), like this:

    bind_host: your internal IP address

    You can set up DoH if your provider provides domain forwarding.

    Thanked by (1)Abdullah

    Action and Reaction in history

  • Abdullah (Hosting Provider, OG)

    @elliotc said:
    Are you looking to set up an ad-free VPN on a NAT VPS?

    1. Install AdGuardHome; the trick is that I use [ipv6]:3000 to complete the install process.

    2. Configure AdGuardHome's AdGuardHome.yaml (127.0.0.1 -> your internal IP address), like this:

    bind_host: your internal IP address

    You can set up DoH if your provider provides domain forwarding.

    @deepak_leb

    Thanked by (1)deepak_leb
  • @elliotc said:
    Are you looking to set up an ad-free VPN on a NAT VPS?

    1. Install AdGuardHome; the trick is that I use [ipv6]:3000 to complete the install process.

    2. Configure AdGuardHome's AdGuardHome.yaml (127.0.0.1 -> your internal IP address), like this:

    bind_host: your internal IP address

    You can set up DoH if your provider provides domain forwarding.

    If you install AGH on your public IP, it's open to the world and everyone with the IP can use it.

  • @Mew said:

    @elliotc said:
    Are you looking to set up an ad-free VPN on a NAT VPS?

    1. Install AdGuardHome; the trick is that I use [ipv6]:3000 to complete the install process.

    2. Configure AdGuardHome's AdGuardHome.yaml (127.0.0.1 -> your internal IP address), like this:

    bind_host: your internal IP address

    You can set up DoH if your provider provides domain forwarding.

    If you install AGH on your public IP, it's open to the world and everyone with the IP can use it.

    This post is about NAT, you do not have a public 53 port.

    Thanked by (1)Mew

    Action and Reaction in history
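
    Added example (not from any poster in the thread): a Python check over `ss -H -lntu` output that reports DNS (53) or AdGuard Home setup (3000) listeners reachable from outside the VPN tunnel, using the provider's port rule and the 10.0.7.x tunnel address quoted above. The sample output, the /24 tunnel prefix and the assumption that the VPS has directly routed IPv6 (as the [ipv6]:3000 step implies) are constructed for illustration.

```python
import ipaddress

# Constructed `ss -H -lntu` output for a NAT VPS (not taken from the thread).
SAMPLE_SS = """\
udp UNCONN 0 0 10.0.7.1:53 0.0.0.0:*
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:10001 0.0.0.0:*
tcp LISTEN 0 4096 10.37.130.100:53 0.0.0.0:*
tcp LISTEN 0 4096 *:3000 *:*
tcp LISTEN 0 128 [::]:53 [::]:*
"""

def nat_port_range(internal_ip):
    """Forwarded ports per the rule quoted in the thread: last octet * 100 + 1..20."""
    last = int(ipaddress.IPv4Address(internal_ip)) & 0xFF
    return range(last * 100 + 1, last * 100 + 21)

def classify(local, internal_ip, tunnel_net):
    """Return (port, verdict) for one 'Local Address:Port' field from ss."""
    host, port = local.rsplit(":", 1)
    host, port = host.strip("[]").split("%")[0], int(port)
    if host == "*":  # dual-stack wildcard: also listens on every IPv6 address
        return port, "exposed-ipv6"
    addr = ipaddress.ip_address(host)
    if addr.is_loopback or addr.is_link_local:
        return port, "local-only"
    if addr in ipaddress.ip_network(tunnel_net):
        return port, "tunnel-only"
    if addr.version == 6:  # assumption: IPv6 is routed to the VPS without NAT
        return port, "exposed-ipv6"
    # IPv4 wildcard or the internal NAT address: only forwarded ports are public.
    if port in nat_port_range(internal_ip):
        return port, "exposed-nat-forward"
    return port, "nat-internal"

def audit(ss_output, internal_ip, tunnel_net, sensitive=(53, 3000)):
    """List listeners on sensitive ports that are reachable from outside the tunnel."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        port, verdict = classify(fields[4], internal_ip, tunnel_net)
        if port in sensitive and verdict.startswith("exposed"):
            findings.append((fields[0], fields[4], verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SS, "10.37.130.100", "10.0.7.0/24"):
        print(finding)
```

    If the DNS port has been moved into the forwarded range, pass it in `sensitive` so a wildcard or internal-IP bind on that port is reported as well.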

  • I'm using free ahadns.com's Indian server which is hosted in Linode Mumbai. Works well for me.

  • @dosai said:
    I'm using free ahadns.com's Indian server which is hosted in Linode Mumbai. Works well for me.

    But why would you use a VPN of server located in India itself? Records are quite easy for any government agency to take out.
    If located in India only, Oracle free tier located in India also works very well for ad blocking.

  • @kuduku said:

    @dosai said:
    I'm using free ahadns.com's Indian server which is hosted in Linode Mumbai. Works well for me.

    But why would you use a VPN of server located in India itself? Records are quite easy for any government agency to take out.
    If located in India only, Oracle free tier located in India also works very well for ad blocking.

    Ahadns is not a vpn but an adblock DNS. I don't really care about government agencies lol.

  • havoc (OG)
    edited February 2021

    @seenu said:
    if i have to purchase a pi just for pi-hole which edition (2 or 3 or 4) and ram do you guys recommend?

    is this enough? https://www.pishop.us/product/raspberry-pi-zero/

    thanks.

    From memory it needs to be at least 1gb so a zero isn't gonna work.

    2s are painfully slow - but I think it should work. 3s are OK - have used it for a pihole. 4s are good but getting expensive

    I'd suggest getting a 4 though. Mostly because the 4 is substantially faster than 3 to the point where buying a 3 doesn't make much sense.

    Remember you need a high quality power supply...won't run on some shit phone charger.

    Also reminder that pihole can run virtualized etc...no actual requirement to use a pi

    Thanked by (2)yoursunny seenu
  • Currently i am running pi-hole on windows pc but i feel that way, i spend more money on power because i have to keep running my pc 24x7... that is the reason i am thinking of getting pi.
