Netgate Discussion Forum

    Wireguard force to use own dns server

    • A
      Antibiotic
      last edited by Antibiotic

      Hi, these are my settings:
      Screenshot_6-4-2024_19149_192.168.10.1.jpeg Screenshot_6-4-2024_191328_192.168.10.1.jpeg Screenshot_6-4-2024_191235_192.168.10.1.jpeg
      But I still have a DNS leak on the WireGuard interface?
      The DNS resolver uses forwarding mode.

      Screenshot_6-4-2024_193717_dnscheck.tools.jpeg

      pfSense plus 24.11 on Topton mini PC
      CPU: Intel N100
      NIC: Intel i-226v 4 pcs
      RAM : 16 GB DDR5
      Disk: 128 GB NVMe
      Brgds, Archi

      • V
        viragomann @Antibiotic
        last edited by

        @Antibiotic
        Is your first DNS server even responding?

        Seems strange to me that it has an RFC 6598 IP.

        • M
          MoonKnight @Antibiotic
          last edited by

          @Antibiotic

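          Try to make a NAT DNS redirect rule:

          | Interface | Protocol | Source Address | Source Ports | Dest. Address | Dest. Ports | NAT IP     | NAT Ports | Description | Actions |
          |-----------|----------|----------------|--------------|---------------|-------------|------------|-----------|-------------|---------|
          | WIFI      | TCP/UDP  | WIFI subnets   | *            | *             | 53 (DNS)    | 100.64.0.7 | 53 (DNS)  |             |         |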

          9fb97857-e6bc-4026-bc87-9a2c9041041e-image.png

          --- 24.11 ---
          Intel(R) Xeon(R) CPU D-1518 @ 2.20GHz
          Kingston DDR4 2666MHz 16GB ECC
          2 x HyperX Fury SSD 120GB (ZFS-mirror)
          2 x Intel i210 (ports)
          4 x Intel i350 (ports)

          • A
            Antibiotic @viragomann
            last edited by

            @viragomann Yeah, I misunderstood the settings. This DNS server has to be put in the WireGuard VPN gateway, not as the main DNS resolver. Everything is working now)))

            • A
              Antibiotic @viragomann
              last edited by

              @viragomann BTW, did you try CrowdSec?
              What do you think about this engine, is it only beneficial if pfSense has open ports on WAN?

              • V
                viragomann @Antibiotic
                last edited by

                @Antibiotic
                No, I just use pfBlockerNG on pfSense with a few lists.
