TD540
Posts: 17
Joined: Sat Sep 07, 2019 5:57 am

PiVPN + local devices / DNS not working ?

Wed Apr 22, 2020 4:30 pm

I got a router with DHCP disabled and a Pi that has PiVPN using Wireguard, and Pi-hole with DHCP server enabled.

I got two MacBooks connected to Pi-hole: MacBook 1 has a little web server, MacBook 2 can surf to MacBook-1.local:8000 and browse the website.

iPhone is connected to PiVPN (via external 4G connection) and ads are indeed blocked because of Pi-hole. iPhone cannot surf to MacBook-1.local:8000. iPhone can also not ssh into raspberrypi.local. Why not?

epoch1970
Posts: 5022
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: PiVPN + local devices / DNS not working ?

Wed Apr 22, 2020 7:41 pm

For a start, mDNS (.local names) does not go across networks.
The Wireguard VPN is a network, so on either side of it machines can't see the other's .local domain.

Try connecting with the IP addresses.
Or with DNS names, e.g. macbook-1.<lan-domain-name>, if Pihole has defined a domain name for the LAN.
(DNS works across routers, otherwise the internet would not exist...)
"If there is no solution, it is because there is no problem." Les Shadoks, J. Rouxel
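
Added example (not part of the thread or of the PiVPN project): the reasoning in the reply above, applied to the routing-relevant lines of the client configuration posted later in this thread. It also covers split-tunnel AllowedIPs, which the thread does not use; the function names and result labels are assumptions made for illustration.

```python
import ipaddress

# Routing-relevant lines of the client config posted in this thread (keys omitted).
CLIENT_CONF = """\
[Interface]
Address = 10.6.0.2/24
DNS = 10.6.0.1

[Peer]
AllowedIPs = 0.0.0.0/0, ::0/0
"""

def parse_wg(text):
    """Parse a single-peer wg-quick config into {section: {key: [values]}}."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = conf.setdefault(line[1:-1], {})
        elif "=" in line and section is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            section.setdefault(key, []).extend(v.strip() for v in value.split(","))
    return conf

def in_tunnel(ip, conf):
    """True if packets to `ip` match the peer's AllowedIPs and enter the tunnel."""
    addr = ipaddress.ip_address(ip)  # raises ValueError for a hostname
    nets = [ipaddress.ip_network(n, strict=False) for n in conf["Peer"]["AllowedIPs"]]
    return any(addr.version == n.version and addr in n for n in nets)

def resolution_path(target, conf):
    """Classify how the VPN client will try to reach `target` (labels are ours)."""
    try:
        return "ip-routed" if in_tunnel(target, conf) else "ip-not-routed"
    except ValueError:
        pass  # not an IP literal, so treat it as a name
    if target.rstrip(".").lower().endswith(".local"):
        # mDNS: multicast to 224.0.0.251 / ff02::fb, UDP 5353, link-local scope.
        # wg0 is a routed layer-3 link, so the query never reaches the LAN.
        return "mdns-link-local"
    dns = conf["Interface"].get("DNS", [])  # assumed to hold IP addresses only
    if dns and all(in_tunnel(d, conf) for d in dns):
        return "unicast-dns-via-tunnel"
    return "unicast-dns-outside-tunnel"

if __name__ == "__main__":
    conf = parse_wg(CLIENT_CONF)
    for t in ("MacBook-1.local", "raspberrypi.local", "macbook-1", "192.168.1.2"):
        print(f"{t:20} {resolution_path(t, conf)}")
```

A result of `unicast-dns-via-tunnel` only means the query reaches the tunnel's DNS server; whether that server holds a record for the name is a separate question.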

TD540
Posts: 17
Joined: Sat Sep 07, 2019 5:57 am

Re: PiVPN + local devices / DNS not working ?

Wed Apr 22, 2020 9:02 pm

The hostnames inconsistently seem to work without the .local extension. Just surfing to http://macbook-1 works!

But SSH'ing into the Pi via its supposed hostname raspberrypi still does not...

Code:

pi@raspberrypi:~ $ pivpn -d
::::            PiVPN debug              ::::
=============================================
::::            Latest commit            ::::
commit 4e8d4dfd8ef01e49f3137d5fc5a2afa14a465e47 (grafted, HEAD -> master, origin/master, origin/HEAD)
Author: Orazio <orazioedoardo@users.noreply.github.com>
Date:   Tue Apr 7 13:45:43 2020 +0200

    Merge pull request #1000 from psgoundar/pivpn
    
    Updated listOVPN to Include Expiration Dates
=============================================::::        Installation settings        ::::
PLAT=Raspbian
OSCN=buster
USING_UFW=0
IPv4dev=eth0
IPv4addr=192.168.1.2/24
IPv4gw=192.168.1.1
install_user=pi
install_home=/home/pi
VPN=wireguard
pivpnPORT=51820
pivpnDNS1=10.6.0.1
pivpnDNS2=
pivpnHOST=REDACTED
INPUT_CHAIN_EDITED=0
FORWARD_CHAIN_EDITED=0
pivpnPROTO=udp
pivpnDEV=wg0
pivpnNET=10.6.0.0
subnetClass=24
UNATTUPG=1
INSTALLED_PACKAGES=()
=============================================
::::  Server configuration shown below   ::::
[Interface]
PrivateKey = server_priv
Address = 10.6.0.1/24
ListenPort = 51820
# begin iphone
[Peer]
PublicKey = iphone_pub
PresharedKey = psk
AllowedIPs = 10.6.0.2/32
# end iphone
=============================================
::::  Client configuration shown below   ::::
[Interface]
PrivateKey = iphone_priv
Address = 10.6.0.2/24
DNS = 10.6.0.1

[Peer]
PublicKey = server_pub
PresharedKey = psk
Endpoint = REDACTED:51820
AllowedIPs = 0.0.0.0/0, ::0/0
=============================================
::::    Recursive list of files in       ::::
::::    /etc/wireguard shown below       ::::
/etc/wireguard:
configs  keys  wg0.conf

/etc/wireguard/configs:
clients.txt  iphone.conf

/etc/wireguard/keys:
psk  server_priv  server_pub  iphone_priv  iphone_pub
=============================================
::::            Self check               ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] WireGuard is running
:: [OK] WireGuard is enabled (it will automatically start on reboot)
:: [OK] WireGuard is listening on port 51820/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://github.com/pivpn/pivpn/wiki/FAQ
=============================================
:::: WARNING: This script should have automatically masked sensitive       ::::
:::: information, however, still make sure that PrivateKey, PublicKey      ::::
:::: and PresharedKey are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this:                  ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe                          ::::
=============================================
::::            Debug complete           ::::

bls
Posts: 597
Joined: Mon Oct 22, 2018 11:25 pm
Location: Seattle, WA
Contact: Twitter

Re: PiVPN + local devices / DNS not working ?

Wed Apr 22, 2020 9:25 pm

I've found that for reliable, consistent DNS results on the local network, it's best to set up a definitive infrastructure that works in all scenarios.

Specifically, run your own DNS (and probably DHCP) servers. The Pi4 is plenty capable of supporting this for a home network. Pi-Hole for those that prefer GUI-based solutions, and there are tons of script-based solutions (including the one I use) for those that prefer shell-based.

In either case, no need to ever edit DNS config files and no "my computer can't be accessed" due to some naming or VPN-related issues.

And, if you run your own DHCP server as well, at some point in the future you'll be very happy with your past self when your router dies or needs to be replaced. :lol:
Super-useful tools:
RPi SD Card Image Manager: https://github.com/gitbls/sdm
Lightweight Virtual VNC Config: https://github.com/gitbls/RPiVNCHowTo
Easy-Peasy VPN installer/manager: https://github.com/gitbls/pistrong

DustZombie
Posts: 1
Joined: Fri Apr 24, 2020 9:41 am

Re: PiVPN + local devices / DNS not working ?

Fri Apr 24, 2020 9:44 am

TD540 wrote:
Wed Apr 22, 2020 9:02 pm
the hostnames inconsistently seem to work without .local extension. just surfing to http://macbook-1 works!

but SSH'ing the pi via its supposed hostname raspberrypi still does not...

Effective and interesting post for reading, I really love it and am waiting for updates.
