1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-10-29 19:59:43 +00:00

Updated OpenVPN server: Dual operation: LAN & VPN at the same time (markdown)

DL6ER 2018-01-02 13:45:38 +01:00
parent b3f8729110
commit 4cbb786d49

@ -1,7 +1,7 @@
### Dual operation: LAN & VPN at the same time
> Up until now, this wiki has been about a server set up on a cloud host, available on the public Internet. This section is aimed at a server setup behind a private network.
>
> So if blocking works using `eth0` but stops working for `tun0`, as described [here](https://github.com/pi-hole/pi-hole/issues/1553), you may want to run this command `pihole -a -i all`, which should get the behaviour you want by opening dnsmasq up to listen on all ports. This is not recommended for cloud servers as they should _not_ be listening on `eth0`.
**Up until now, this wiki has been about a server set up on a cloud host, available on the public Internet. This section is aimed at a server setup behind a private network.**
So if blocking works using `eth0` but stops working for `tun0`, as described [here](https://github.com/pi-hole/pi-hole/issues/1553), you may want to run this command `pihole -a -i all`, which should get the behaviour you want by opening dnsmasq up to listen on all ports. This is not recommended for cloud servers as they should _not_ be listening on `eth0`.
If you want to set up your Pi-hole + OpenVPN such that you can use from both internal ((W)LAN) and external (VPN) networks, you have to apply some small changes. As additional benefit, you will be able to reach all devices in the internal network (e.g. computers, networking-aware printers, etc.) through the VPN.
@ -65,7 +65,7 @@ PING 192.168.2.123 (192.168.2.123) 56(84) bytes of data.
rtt min/avg/max/mdev = 18.740/18.894/19.017/0.189 ms
```
***
> The undocumented `pihole -a -i all` command is simply what runs when you choose _Listen on all interfaces, permit all origins (make sure your Pi-hole is firewalled)_, which if you've read this far in the tutorial, you should understand that we don't want you to knowingly or unknowing set up an open resolver.
### Important last step
The undocumented `pihole -a -i all` command is simply what runs when you choose _Listen on all interfaces, permit all origins (make sure your Pi-hole is firewalled)_, which if you've read this far in the tutorial, you should understand that we don't want you to knowingly or unknowing set up an open resolver.
![screenshot at 2017-07-08 01-20-28](https://user-images.githubusercontent.com/16748619/27980105-b11fbc3c-637b-11e7-843e-4ec6702d6286.png)