Closed CaptInsano closed 2 years ago
Hi @CaptInsano,
The problem isn't with any firewall rule but with the built-in dnsmasq only listening on LAN interfaces. You will need to add the wg0 interface to the dnsmasq configuration to get dnsmasq to reply to requests from the wireguard interface. Please see my comment here for instructions on how to do that.
Please tell me if you have any issues with the instructions or if it doesn't work. Thanks!
Thank you so much, I added the PostUp and PreDown commands and it worked brilliantly.
I had honestly searched the closed issues prior to posting, unsure how I missed that issue! Sorry for wasting any time.
Firstly thanks so much for your work on this, I am in the process of moving my Wireguard setup from my unRAID server to my UDM and so far it has been great thanks to your work.
My network layout:
UDM 192.168.1.1 (which points my private network to my pihole as DNS with 1.1.1.1 as a backup & my guest network to just 1.1.1.1)
Pihole 192.168.1.11 (currently, may move my DNS solution to UDM also with time)
Wireguard Network: 10.252.1.0/24
I have created the firewall rule as per your README.md and I can access the local network and WAN if I set a DNS server other than the UDM (either setting 1.1.1.1 or even 192.168.1.11 works) in wireguard client configs but it does not work if I set the UDM as the DNS server itself.
For ease of use I would like to set the UDM as the DNS address in wireguard client configs if possible so that I do not need to change all my wireguard configs if I change my DNS solution down the line.
Examples in case I did not make this clear:
This works for client configs:
or this:
But, this does not work:
Is there a rule or something that I should create?
Thanks again for any help you can offer.