Updated FAQ (markdown)

Orazio 2019-12-18 20:44:56 +01:00
parent 3cf18041d8
commit 3fec544b0e

21
FAQ.md

@ -17,19 +17,22 @@ Yes. To change the hostname or IP address, you will need to change `/etc/openvpn
## My ISP doesn't give me a static external IP address, so my servers IP address keeps changing! ## My ISP doesn't give me a static external IP address, so my servers IP address keeps changing!
You will need a dynamic DNS service and a hostname. If your IP address changes, your hostname will then automatically point to the new IP address. Some free dynamic DNS services are <http://noip.com> or <http://freedns.afraid.org/>. You will need a dynamic DNS service and a hostname. If your IP address changes, your hostname will then automatically point to the new IP address. Some free dynamic DNS services are <http://noip.com> or <http://freedns.afraid.org/>.
## Installing with pi-hole ## Installing with Pi-hole
You can safely install pivpn on the same raspberry pi as your pi-hole install. If you point your openvpn clients to the IP of your pi-hole for DNS (so they get ad blocking etc) then you will want to be sure you create `/etc/dnsmasq.d/02-pivpn.conf` and add for example: `listen-address=127.0.0.1, 192.168.1.2, 10.8.0.1`a or `interface=tun0` to allow dns resolution from the vpn interface. You can safely install PiVPN on the same Raspberry Pi as your Pi-hole install, and point your VPN clients to the IP of your Pi-hole so they get ad blocking, etc. Here's how:
Note your listen-address may just contain 127.0.0.1, the next IP should be the local IP of your pi-hole and the final IP, 10.8.0.1 is the PiVPN vpn interface.
If you set this and have your vpn clients use 192.168.1.2 (in my example) as their DNS then you will get ad blocking over your VPN connections.
More Detailed setp-by-step read: https://github.com/pivpn/pivpn/issues/885
1. Edit the server config with `sudo nano /etc/openvpn/server.conf`
2. Remove every `push "dhcp-option DNS [...]"` line
3. Add this line `push "dhcp-option DNS 10.8.0.1"` to point clients to the PiVPN IP
4. Save the file and exit
5. Restart openvpn with `sudo systemctl restart openvpn`
6. Create a new file `sudo nano /etc/dnsmasq.d/02-pivpn.conf`
7. Add `interface=tun0` inside to tell Pi-hole to listen on the VPN interface as well
8. Save the file end exit
9. Restart Pi-hole with `pihole restartdns`
## Allow Clients to connect but block their access to the internet ## Allow Clients to connect but block their access to the internet
If you don't want your VPN clients to be able to access the internet simply comment the following line in `/etc/openvpn/server.con` If you don't want your VPN clients to be able to access the internet simply comment the following line in `/etc/openvpn/server.conf`
``` ```
push "redirect-gateway def1" push "redirect-gateway def1"