Roken
Posts: 280
Joined: Sun Dec 31, 2017 4:35 pm
Location: UK

OpenVPN with PiHole

Thu Jun 28, 2018 10:03 am

I have both installed on the same Pi, and both are working (Pi Hole is shown to work on my local network, and openvpn from my tablet outside of the local network). However, if I point dns in /etc/openvpn/server.conf to pihole, the VPN will no longer lead to any websites from the tablet. I've tried with 127.0.0.1, 10.8.0.1, 192.168.1.160 (the local Pi address), and absolutely nothing is working.

The VPN is listening on tun0, and ifconfig shows tun0 as:

Code: Select all

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.1  netmask 255.255.255.0  destination 10.8.0.1
        inet6 fe80::f2c7:ab50:eeda:1d45  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 2390  bytes 405902 (396.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2382  bytes 1086173 (1.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
I'm sure I'm missing a step, but can't for the life of me figure out what it is. Any ideas?

EDIT: For info, I haven't made any modifications to dnsmaq.conf.
Headless PI. OMG, someone cut it's head off. Oh, hang on. it didn't have one to start with.

mutrised
Posts: 44
Joined: Thu Nov 08, 2012 12:41 am
Location: France

Re: OpenVPN with PiHole

Thu Jul 05, 2018 3:25 pm

You post is quite old now :/.
Did you managed to get it working ?

I discorevered pi hole thanks to you, browsing unanswered posts =).

I will surely get my hands on it these days.

I passed a few hours/days troubleshooting VPN and routing issues with my PIs, if you did not solve your problem yet, I may help you.
RPI2B 7/24 - web, NAS/media, Owncloud and more
RPI0 7/24 - VPN, DHCP, DNS (including filtering), wakeonlan proxy
RPI0W - VPN gateway providing secure WIFI AP and network router, some kind of internet BOX when on the move ;)

Roken
Posts: 280
Joined: Sun Dec 31, 2017 4:35 pm
Location: UK

Re: OpenVPN with PiHole

Fri Jul 06, 2018 8:58 pm

Nope - still not working :(
Headless PI. OMG, someone cut it's head off. Oh, hang on. it didn't have one to start with.

mutrised
Posts: 44
Joined: Thu Nov 08, 2012 12:41 am
Location: France

Re: OpenVPN with PiHole

Tue Jul 10, 2018 2:57 pm

PiHole seems quite promising, so easy to set up.
But I droped it... I'll finnally go back to manual config. Admin interface was bugy (changes not applied to system).

But the stats interface is quite awesome... I'll try to get it working as a separate web page, but I don't think I'll be able to bring all the stats engine up and working as it does into pihole...

I'll stuck to grep on log files for now :/

For your issue, it seems like a DNS problem to me. I had trouble getting pihole setting dnsmasq to listen to all interfaces. It may be your problem too. Once connected through VPN, you should be able to ping your VPN gateway 10.8.0.1, but if dnsmasq is not listening on this interface you won't get any response.

You may try to setup pihole to listen only on tun0 interface (change interface=eth0 into interface=tun0 into confvar.conf file or I don't remember how it is named). Restart pihole (I think using pihole restartdns). And see if you got answer.

Check this:

Code: Select all

ping 8.8.8.8
ping google.com
If only the first one fails, your DNS is missconfigured. If both fail, you may have an issue in your routing configuration (VPN not forwarding packet) ? Try both, I'll try to check the thread. I'm not an expert but I got may hands into DNS and routing stuffs lately ;).
RPI2B 7/24 - web, NAS/media, Owncloud and more
RPI0 7/24 - VPN, DHCP, DNS (including filtering), wakeonlan proxy
RPI0W - VPN gateway providing secure WIFI AP and network router, some kind of internet BOX when on the move ;)

Roken
Posts: 280
Joined: Sun Dec 31, 2017 4:35 pm
Location: UK

Re: OpenVPN with PiHole

Tue Jul 10, 2018 7:38 pm

No joy. I can ping 10.8.0.1 (well, from the Pi. Not from another machine on the LAN since it's a different subnet).

I can ping google by IP or unresolved name.

Doesn't matter is PiHole is listening on the0 and tun0 or just tun0.

AdBlocking on the LAN works, but not on the VPN.
Headless PI. OMG, someone cut it's head off. Oh, hang on. it didn't have one to start with.

mutrised
Posts: 44
Joined: Thu Nov 08, 2012 12:41 am
Location: France

Re: OpenVPN with PiHole

Wed Jul 11, 2018 9:24 am

It means that your VPN client do not used that same DNS server.

Code: Select all

dig google.fr
From a VPN client to check which DNS server it is using
RPI2B 7/24 - web, NAS/media, Owncloud and more
RPI0 7/24 - VPN, DHCP, DNS (including filtering), wakeonlan proxy
RPI0W - VPN gateway providing secure WIFI AP and network router, some kind of internet BOX when on the move ;)

Return to “Troubleshooting”