Comments (5)
Best practice is to connect your router to the pi-hole instead of every device.
from pi-hole-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-wireguard-vpn-configs.
Yeah, that doesn't seem to work though. I lose internet connectivity when I change my DNS to the reserved Google Cloud IP.
from pi-hole-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-wireguard-vpn-configs.
Do you made your gcp pihole public? Don't do this. Please refer to https://www.reddit.com/r/selfhosted/comments/a3eym1/pihole_on_a_public_server_good_bad/.
Is the VPN connection between your router and the gcp pihole working proper?
from pi-hole-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-wireguard-vpn-configs.
I did not deviate from the instructions at all.
There is no VPN connection between my router and gcp pihole.
On my phone, I'm using the wireguard VPN. On the router, it looks like I have only a tool to make my home network a VPN for when I'm not home, but not to enable a VPN that applies to the devices within my home network. I've done a little more research and it seems OpenWRT would work, but I'm wary of installing a custom firmware on a router that otherwise works very well for me, since low-skill with networking. The hardest thing I've ever done (before this) is turn my router into an AP, and connect a wireless printer to it.
I'm guessing the risk of disabling the VPN and making the pihole public is because then a bad actor could access the server, reprogram it, and hijack/hack me next time I connect, right?
Attached is a photo of the VPN settings page on my router.
from pi-hole-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-wireguard-vpn-configs.
Well old thread, but might be useful for others.
I'm guessing the risk of disabling the VPN and making the pihole public is because then a bad actor could access the server, reprogram it, and hijack/hack me next time I connect, right?
Well, the main risk is that everyone can use your server as their DNS resolver. It will get a lot of requests and you run out from the Google Cloud free tier limits.
What you described is also possible, but requires some security vulnerabilities in Pi-Hole.
Other possible issues, like server being used for DDoS attacks:
https://developers.google.com/speed/public-dns/docs/security
from pi-hole-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-wireguard-vpn-configs.
Related Issues (20)
- Update the excellent guide HOT 1
- Misinformation about GCP's free tier in this guide? HOT 1
- Cannot access ipv6 addresses from ipv4 only network through the tunnel HOT 1
- Question on split tunnel and port forwarding HOT 1
- Network Internet Egress from Americas to China HOT 8
- Automating Wanguard installation with Docker, Terraform and Cloud Run HOT 2
- CentOS 7 hardcoded into installer, not suitable for CentOS 8
- Second run of setup.sh breaks everything HOT 2
- Upgrade F1-micro to E2-Micro by Aug. 31, 2021 HOT 4
- pi.hole domain routed to incorrect IP HOT 2
- Question - ubuntu autoupdate and clean HOT 4
- Question - Configure automated Pi-Hole updates and scheduled reboots HOT 1
- Question - Managing peer to peer communications HOT 3
- Hide IP address on server HOT 1
- Localhost querying google.internal addresses dozens of times a second
- Change country HOT 1
- n
- Allowing peer-to-peer ssh/rdp/vnc
- IPv4 CIDR Block
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pi-hole-on-google-compute-engine-free-tier-with-full-tunnel-and-split-tunnel-wireguard-vpn-configs.