WireGuard Clients not obeying specified DNS nameservers
-
I have my Pihole instance identified (10.1.1.10) as the DNS nameserver in my client configs but clients do not use it. What am I missing? Under my WireGuard rule tab, I have made an allow all rule which should allow access to my LAN where my Pihole resides.
-
@tibere86 Right off the top of my head, are clients configured for DoH or DoT? If so, they are bypassing the configured DNS.
-
@michmoor - Hmmm. I'll try adding a port 53 redirect rule followed by a DoH/DoT IP block rule and see if that helps.
-
@tibere86 That doesn't help if they are using DoH, which works over 443. Also, DoT works over port 853, which is easier to block.
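
Added example, not part of the thread or of any poster's configuration: a small classifier that sorts flows from tunnel clients into the three DNS paths discussed above (plain DNS on 53, DoT on 853, DoH on 443). The client addresses, the flow-record format and the short DoH resolver list are constructed assumptions; only the Pi-hole address 10.1.1.10 comes from the thread.

```python
import ipaddress

PIHOLE = ipaddress.ip_address("10.1.1.10")  # resolver named in the thread
# Assumption: a tiny constructed sample of public resolvers that offer DoH;
# a real deployment would load a maintained list instead.
DOH_RESOLVERS = {ipaddress.ip_address(a) for a in ("1.1.1.1", "8.8.8.8", "9.9.9.9")}

def classify(proto, dst_ip, dst_port):
    """Return which DNS path a single flow represents."""
    dst = ipaddress.ip_address(dst_ip)
    if dst_port == 53 and proto in ("udp", "tcp"):
        # Plain DNS: fine if it goes to the Pi-hole, otherwise redirectable.
        return "dns-pihole" if dst == PIHOLE else "dns-bypass-port53"
    if dst_port == 853 and proto == "tcp":
        # DoT has its own port, so a port-based block rule catches it.
        return "dot-bypass-port853"
    if dst_port == 443 and dst in DOH_RESOLVERS:
        # DoH shares 443 with all HTTPS; only the destination hints at it.
        return "possible-doh-port443"
    return "other"

# Constructed flow records: "<client> <proto> <dst_ip> <dst_port>"
SAMPLE_FLOWS = """\
10.6.0.2 udp 10.1.1.10 53
10.6.0.3 udp 8.8.8.8 53
10.6.0.3 tcp 1.1.1.1 853
10.6.0.4 tcp 1.1.1.1 443
10.6.0.4 tcp 203.0.113.10 443
"""

def summarize(text):
    """Map each client address to the set of DNS paths it was seen using."""
    seen = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        src, proto, dst, port = line.split()
        label = classify(proto, dst, int(port))
        if label != "other":
            seen.setdefault(src, set()).add(label)
    return seen

if __name__ == "__main__":
    for src, labels in sorted(summarize(SAMPLE_FLOWS).items()):
        print(src, sorted(labels))
```

A match on 443 is only an indicator, since a flow to a resolver's address on that port looks the same as any other HTTPS connection.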
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.