Jump to content

Help with home network, Pi-hole and VPN access

Picibeo
By Picibeo
in Networking
 Share
Posted

I've changed my network configuration in this way to cover the whole house:

 

Modem 192.168.0.1 --cable--> WAN Router1 192.168.1.1 --cable--> LAN Router2 192.168.1.2

 

Both routers are configured to use the same SSID and everything works fine, but...

 

1. Pi-hole is currently on network 192.168.1.0 and is configured as DNS for both routers, while the modem uses the ISP DNS. Would it make sense to connect the Pi-hole directly to the modem? Does it make any difference?

 

2. The ISP modem supports an ISP provided VPN (that works well), but of course with the current configuration I can access only the modem's network (192.168.0.0) and not the router's LAN (192.168.1.0). How should I configure the modem and Router1 to access the 192.168.1.1 network through the VPN?

 

Thanks!!

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, Picibeo said:

I've changed my network configuration in this way to cover the whole house:

 

Modem 192.168.0.1 --cable--> WAN Router1 192.168.1.1 --cable--> LAN Router2 192.168.1.2

 

Both routers are configured to use the same SSID and everything works fine, but...

 

1. Pi-hole is currently on network 192.168.1.0 and is configured as DNS for both routers, while the modem uses the ISP DNS. Would it make sense to connect the Pi-hole directly to the modem? Does it make any difference?

 

2. The ISP modem supports an ISP provided VPN (that works well), but of course with the current configuration I can access only the modem's network (192.168.0.0) and not the router's LAN (192.168.1.0). How should I configure the modem and Router1 to access the 192.168.1.1 network through the VPN?

 

Thanks!!

 

You could always try it and find out.  You could also choose some different numbers for your stuff.  Double ending for no reason doesn’t make a lot of sense to me.  Since everything behind the dns is non routable anyway it shouldn’t make much difference. 169.244…?  I can’t remember the number..

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
8 hours ago, Bombastinator said:

You could always try it and find out.  You could also choose some different numbers for your stuff.  Double ending for no reason doesn’t make a lot of sense to me.  Since everything behind the dns is non routable anyway it shouldn’t make much difference. 169.244…?  I can’t remember the number..

Yes I can try. But maybe I formulated my question in the wrong way: 

Having pihole as dns for the internal network or instead of the ISP’s DNS shouldn’t make any difference in terms of blocking/tracking and/or queries that go to the ISP, right?

 

As per using different network numbers, what is the advantage? 
 

Thanks! 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 hours ago, Picibeo said:

Yes I can try. But maybe I formulated my question in the wrong way: 

Having pihole as dns for the internal network or instead of the ISP’s DNS shouldn’t make any difference in terms of blocking/tracking and/or queries that go to the ISP, right?

It really shouldn't make a difference (as long as you have your ISP's dns in you pihole), though loading websites would take a bit longer. Because a dns query will go to your pihole, then to your ISP.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
12 hours ago, Picibeo said:

I've changed my network configuration in this way to cover the whole house:

 

Modem 192.168.0.1 --cable-->  192.168.0.2? WAN Router1 192.168.1.1 --cable--> LAN Router2 192.168.1.2

 

Both routers are configured to use the same SSID and everything works fine, but...

 

2. The ISP modem supports an ISP provided VPN (that works well), but of course with the current configuration I can access only the modem's network (192.168.0.0) and not the router's LAN (192.168.1.0). How should I configure the modem and Router1 to access the 192.168.1.1 network through the VPN?

 

 

you configure your modem routing so that network 192.168.1.0/24 is accessible through the wan router's IP that's in 192.168.0.0/24

 

 

what happens is, you connect to your modem with a VPN, and send packets to 192.168.0.0 and that works because the modem knows who that is

but the moment you send a packet with destination in 192.168.1.0 the modem is like "where's that??" and drops the packet.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
6 hours ago, Nuh_ said:

you configure your modem routing so that network 192.168.1.0/24 is accessible through the wan router's IP that's in 192.168.0.0/24

 

 

what happens is, you connect to your modem with a VPN, and send packets to 192.168.0.0 and that works because the modem knows who that is

but the moment you send a packet with destination in 192.168.1.0 the modem is like "where's that??" and drops the packet.


How do I do that? With a static route?

if yes, I created one with target network 192.168.1.0 and “forward to device” set as the wan’s router ip, but it still doesn’t work… am I missing something?

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
30 minutes ago, Picibeo said:


How do I do that? With a static route?

if yes, I created one with target network 192.168.1.0 and “forward to device” set as the wan’s router ip, but it still doesn’t work… am I missing something?

I only have a prayer of doing it in CMD. This static IP, do you have a static IP from your ISP? If no, the modem is going to be dhcp on both ends.  I’m assuming the clients can talk to each other fine through the router that isn’t the modem, right?

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, Picibeo said:


How do I do that? With a static route?

if yes, I created one with target network 192.168.1.0 and “forward to device” set as the wan’s router ip, but it still doesn’t work… am I missing something?

you still have to tell your device to send traffic going to 192.168.1.0 through the VPN to the 192.168.0.0 network

 

it seems as if your computer is dropping the packets before they leave due to it not knowing where to send them

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
On 4/12/2022 at 7:03 PM, Bombastinator said:

I only have a prayer of doing it in CMD. This static IP, do you have a static IP from your ISP? If no, the modem is going to be dhcp on both ends.  I’m assuming the clients can talk to each other fine through the router that isn’t the modem, right?

I don’t have a static IP from the ISP, but I’ve a DynDNS service coupled with the VPN that works. 

Yes, clients talk to each other. I just cannot reach them through the VPN because I can see only the modem network. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
On 4/12/2022 at 7:54 PM, Nuh_ said:

you still have to tell your device to send traffic going to 192.168.1.0 through the VPN to the 192.168.0.0 network

 

it seems as if your computer is dropping the packets before they leave due to it not knowing where to send them

How do I do that?

I would like to access all the clients connected to the two routers via VPN. If that is even possible. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 hours ago, Picibeo said:

How do I do that?

I would like to access all the clients connected to the two routers via VPN. If that is even possible. 

not sure

yes it's possible

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 hours ago, Picibeo said:

I don’t have a static IP from the ISP, but I’ve a DynDNS service coupled with the VPN that works. 

Yes, clients talk to each other. I just cannot reach them through the VPN because I can see only the modem network. 

Is one of the systems running ipv6?

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 hour ago, Nuh_ said:

not sure

yes it's possible

It is on the command line.  May be in the gui as well as the CLI but I only know how to get to it from command line. You can do that in CMD or powershell on any windows10 instal. Powershell is a bit like CMD+ and it has the convenience of having a version for linux, mac, and windows.  The previous front runner was KORNshell which uses a lot of commands very similar to CMD.  Learn powershell and you’ve learned CMD though.  It’s only real problem is many of its operators are extremely long.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×