Our solution is based on GL routers, using their built-in VPN server and client. For reference only.
- Enable LAN access on the server and the client.
- Disable IP masquerading on the client, and configure the server to route to the client's subnet.
- On the client, set DNS to the WireGuard server's address and turn off the option that lets custom DNS override the VPN DNS.
- On the server, configure a firewall redirect rule that sends traffic from port 53 of the wgserver to port 3053 (AdGuard).
- DNS traffic from the client subnet is then directed to the server.
- On the client, add this custom firewall rule in LuCI:
iptables -w -t nat -I PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 10.6.0.1
Then restart the firewall and restart the VPN.
https://forum-static.gl-inet.com/original/3X/7/7/778efed3ad3d3dbc3c0d109fdcb9f9bea9c1a246.png
If the firewall menu does not offer a custom rules page, add the rule manually over SSH. Log in via SSH, then
create the file:
vi /etc/firewall.user
with the following content:
iptables -w -t nat -I PREROUTING -i br-lan -p udp --dport 53 -j DNAT --to 10.6.0.1
chmod 755 /etc/firewall.user
Add the include for the custom rule to /etc/config/firewall:
config include 'user_script'
	option type 'script'
	option path '/etc/firewall.user'
	option reload '1'
	option fw4_compatible '1'
Then reboot, or restart the firewall:
/etc/init.d/firewall restart
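
To confirm the redirect is loaded after the firewall restart, the following added example (not part of the original page) parses the client's nat PREROUTING listing and reports whether DNS arriving on br-lan is DNATed to 10.6.0.1. The rule on this page matches UDP only, so TCP port 53 is reported separately; the function names and the sample listing are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit the client's nat PREROUTING chain for the DNS redirect.
# Interface, port and target address are the ones used in the rule on this page.
LAN_IF="br-lan"
DNS_TARGET="10.6.0.1"

# Constructed sample of `iptables -w -t nat -S PREROUTING` output with the rule loaded.
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -i br-lan -p udp -m udp --dport 53 -j DNAT --to-destination 10.6.0.1'

# dns_redirect_present PROTO: reads rules on stdin, exits 0 if one of them
# DNATs PROTO port 53 arriving on LAN_IF to DNS_TARGET (hypothetical helper).
dns_redirect_present() {
    awk -v ifc="$LAN_IF" -v proto="$1" -v dst="$DNS_TARGET" '
        $1 == "-A" && $2 == "PREROUTING" {
            i = p = d = j = t = 0
            for (n = 3; n < NF; n++) {
                # a negated match ("! -i br-lan") must not count
                if ($n == "-i" && $(n+1) == ifc && $(n-1) != "!") i = 1
                if ($n == "-p" && $(n+1) == proto) p = 1
                if ($n == "--dport" && $(n+1) == "53") d = 1
                if ($n == "-j" && $(n+1) == "DNAT") j = 1
                if ($n == "--to-destination" && ($(n+1) == dst || $(n+1) == (dst ":53"))) t = 1
            }
            if (i && p && d && j && t) found = 1
        }
        END { exit(found ? 0 : 1) }'
}

# audit_dns_redirect RULES: prints one line per protocol; returns 1 when the
# UDP redirect (the one this page configures) is missing.
audit_dns_redirect() {
    status=0
    for proto in udp tcp; do
        if printf '%s\n' "$1" | dns_redirect_present "$proto"; then
            echo "$proto/53: redirected to $DNS_TARGET"
        else
            echo "$proto/53: NOT redirected"
            if [ "$proto" = udp ]; then status=1; fi
        fi
    done
    return $status
}

# On the router, pass the live chain: audit_dns_redirect "$(iptables -w -t nat -S PREROUTING)"
audit_dns_redirect "$SAMPLE_RULES"
```

A "tcp/53: NOT redirected" line means DNS queries sent over TCP from the client LAN are not covered by the redirect.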