If you keep this field empty, AdGuard Home will use Quad9 by default. You can specify multiple upstream servers in AdGuard Home settings, or you can even specify a DNS server that will be used to resolve specific domains.

*NOTE* I did find that running AdGuard via the OPNsense router lowered the processing time by more than half.

AdGuard Home is basically a DNS proxy that sends your DNS queries to the upstream servers.

Please let me know if you see any tweaks or better settings that you think can improve this. I'm more than happy to improve this and make this into a good guide.

If you have multiple VLANs or LANs then duplicate the rule and change it to the relevant Interface and address.

And the same for any VLANs, just set the route IP for each VLAN.

Only select: 'Register DHCP leases' & 'Register DHCP static mappings'

Add a new Firewall rule to forward all DNS (Port 53) traffic to AdGuard:

This way by default OPNsense will use itself (127.0.0.1) as the resolver which we want.

Enable Unbound (it could be disabled if you'd prefer, then remove the Bootstrap DNS setup as above)

Untick: Do not use the local DNS service as a nameserver for this system

Set '8.8.8.8' as DNS server (Or whatever DNS you would like as a backup, if you only want AdGuard you can remove all DNS servers from this list and leave it blank)

Settings -> DNS settings -> Bootstrap DNS servers -> Add router_ip:5353

Set up DNS as you would like it with your own providers.

I set Admin interface to my main LAN as the only listen interface and via port 81 (OPNsense uses port 80 and 443 so select something other than this for AdGuard listen port and if you configure AdGuard's SSL settings)

DNS Server listen interface select 'All' on Port 53.

Navigate to router_ip:3000 to set up AdGuard.
Setup for using AdGuard via the OPNsense community repo

Firstly install the Community repo from:

If you have VLANs or other LANs you may need to do some Firewall rules to allow traffic through to the DNS server IP on Port 53 (DNS)

I found some iOS devices struggled without the below.

Mainly if you removed all DNS servers from System -> General Setup.

I also found that I had to add the DNS specifically on each DHCP interface.

Or you can follow the steps below to use router_ip:5353 to loop back to OPNsense Unbound as a backup.

Destination port range: From: DNS - To: DNS