How to run an external Pi-hole with Firewalla



    Just wanted to share my experience applying this to AdGuard Home. I have a Raspberry Pi 3B+ with the DietPi OS installed and AdGuard Home with Unbound. This also works with Pi-hole with Unbound, but there are a few extra steps.

    - Created a new network on its own dedicated Firewalla port and plugged in the Pi.

    - Created standard rules for this network to Block Traffic from & to All Local Networks and Block Traffic from Internet.

    - In the Firewalla phone app, under the Network Manager settings for each LAN network, set the Primary DNS Server address to the IP of the Pi. I did this for two networks and two VLANs that I wanted to route through the Pi/AdGuard/Unbound.

    It appears the DNS Booster function will intercept the DNS requests, and the Firewalla box will then forward the DNS request to the Pi without having to create any rules to allow DNS traffic between local networks. I did have to create a rule to allow my management machine to access the Pi machine so that I could see the AdGuard Home web interface: Allow [IP of Pi]:[port], outbound only. Similar rule to use PuTTY to connect.

