No local DNS when connected to SSL VPN

Hi Joe,

The issue seems to be with your connection to the Pi-hole DNS server. Is the 10.0.0.4 IP included in the Permitted network resources?

So, I can access 10.0.0.4 from my phone while connected to the VPN.  So wouldn't that mean it's accessible?

With "local ACL" you allow access to the firewalls DNS-service.

You need an additional firewall rule to access DNS on 10.0.0.4. Do you have such a rule?

Like this?

Doesn't seem to change anything so maybe I did this wrong?

this allows access to the DNS-service of the firewall.
If you use the firewall-IP for DNS, this may work.

If you wish to use an different DNS-server, you need a firewall-rule (not a local ACL) to allow this access.

Create a LOG-and-DROP rule at the end of your firewall rule set and check for dropped packets.

The first part of what you said makes sense...

for the second part... Is that rule not already created?

The configuration is correct, and you should be able to access it.

Since you mentioned that you’re accessing it through your phone, can you also try connecting to the VPN using a PC if you experience the same issue? Since in a PC, you can issue a nslookup and confirm if the DNS server will respond to you

You can also try creating a firewall rule with source LAN to destination VPN just to be sure.

Yes, these rule should allow access to the PiHole.
if you enable logging, you can check this.