WireGuard connection accessing AdGuard not resolving DNS rewrites

Hey guys, I have both AdGuard and WireGuard running and working. I can VPN in via WireGuard and it hits my AdGuard DNS properly; queries from the VPN’s IP show up in AdGuard’s logs. I can remotely connect to my local machines via IP, but I cannot get to them by hostname. I also have their hostnames entered in AdGuard’s “DNS rewrite” filter section (hostname is rewritten as IP), but for some reason those queries do not get shown in AdGuard’s logs. The rewrite rules work locally, so I believe they are correct. I have also tried with both a DNS rewrite filter and a custom filtering rule to no avail. I’ve been testing with an iPhone and a MacBook, so perhaps this is something that Apple does differently with DNS and hostnames that is the problem? My local network is 192.168.10.1/24 and my VPN is 192.168.9.1/24. I’m no networking guru so maybe that’s got something to do with it? Any advice would be greatly appreciated!

I am having the exact same problem. I use an Android phone to connect to my VPN, so it does not seem to be an Apple problem.

I am also a bit confused, as this answer suggests using my LAN address for the WireGuard DNS setting, while in the WireGuard Addon documentation it (still) says to use 172.30.32.1. However, I tried both with no success.

It is working again, after the latest AdGuard update. Don’t know what broke there.

I’ve tried with 172.30.32.1 and the LAN address and my local host names aren’t working after the update yet. Which IP are you using as your DNS entry in your VPN config?

Sorry, I forgot to turn on the notifications, so I didn’t see your reply.

I use 172.30.32.1 as the DNS entry in my VPN config. But I have tried it with the LAN address and it is working as well for me. So unfortunately I can’t tell you why it is not working for you. As I said, it started working for me again after the last update.

@OttPeterR
Hope you managed by now, for others who stumble on this later:

The default setup in WireGuard has a different structure than the provided example in the documentation tab. I changed the order to match the example in the documentation.

Additionally, if you use the QR code, notice that the code updates every time you change any of the config! I.e. you cannot just re-enable WireGuard to check if your config changes worked, you have to scan the new QR.

Working example:

Peers

- name: <my_client_name>
  addresses:
    - 172.27.66.2
  allowed_ips: []
  client_allowed_ips:
    - <my_HA_ip>

Server

addresses:
  - 172.27.66.1
dns:
  - <my_HA_ip>
host: <my_duck_address>.duckdns.org