Ad Block Not Working
Hi all,
I just got my Firewalla Gold today and struggling with ad blocking. I have a Raspberry Pi loaded with Pi-Hole which has been working flawlessly. I added the Firewall Gold and for the initial 5 to 10 minutes, routing DNS through the Rasp Pi worked as I expected, then everything fell apart. No internet connection at all. I change DNS to local on the Gold and it works, but ad-block feature and it doesn't appear to be blocking anything at all. I have confirmed the settings are applying to all systems on the network.
I saw some instructions about loading Pi-hole on the Firewalla Gold, but the first thing it says is create a list of folders, but doesn't say where or how, so not even sure where to start. I have python loaded, but not very good at it.
Has anyone figured out a workaround? Without ad blocking, I lose half of what I was trying to achieve with the purchase. The other part is my hope to be able to use the hardware for 3rd party VPN, while redirecting one segment for my work laptop and it's requirements.
The unit is set up as a router with my wifi running in bridge mode.
Anyone else run into issues with theirs and resolved?
Thanks in advance!
-
See this quick article
https://help.firewalla.com/hc/en-us/articles/360051284214-Firewalla-Gold-FAQ-and-Known-Issues
Gold with Pi-hole not resolving some of the DNS entries?
If client DNS is set to pihole's IP address
Since client and pihole are in the same network, the DNS traffic is directly sent to the pihole and will not go through layer 3 (IP layer) of Gold. Therefore, DNS interception on Gold will not take effect and DNS-based features will not work.
If client DNS is set to Gold's LAN IP
DNS traffic from the client will first be sent to Gold. All kinds of DNS-based features will work and if DNS cache is not hit on Gold, it will be further forwarded to pi-hole in the local network for resolution.
Here is an alternative way to make domain block work with pihole in the network:
-
Create another local network segment on Gold
-
Move the pihole to the newly created network
-
Change the DNS server in the old network's DHCP options to the new IP address of pihole
This way, all DNS traffic from other devices to pihole will go through Gold and DNS-based features will
-
-
I saw the above article and created a new segment with a different IP, old = 10.0.1.0 and new 192.168.85.0, placed all systems on the 192 segment and the pi-hole on the 10 segment, pointing the DNS on the 192 segment to the 10 segment, but things went badly. I likely butchered the above, so if the attached solution does work, any guidance is much appreciated.
-
I'm beyond frustrated!. Nothing seems to work. Family protect, ad block. I've enabled them all and removed Pi-hole from my network, relying solely on the Firewalla, but while I'm getting logs and alerts, it's not blocking any of the sites!
I've tried network segmentation several times using different subnets and nothing would route ad blocking through my pi-hole either. I'm not a complete idiot, though networking isn't my best subject and never has been. That said, I've followed some well written guides to get things done. Problem is, I haven't found anything well written. The network segmentation documents here give me use cases. I know the use cases, it's why I bought Gold, instead of Red or Blue. I can get two networks to communicate out (192.168.x.s and 10.0.x.x as an example), but short of that, absolutely nothing else is working.
Are there any step by step guides? Surely with the Covid lockdown, there's been more demand for the Gold for those of us who need to keep the two sides of our lives separate!
Thanks in advance.
-
@rj834
My suggestion would be to leave the pi-hole out of the picture first and see if you can get everything working. This way you can ensure the basic features are working, and then slowly introduce another element into your network.
If you haven't, you should run the Gold in router mode, it has lesser problems with compatibility.
-
Hi There,
I abandoned the Pi-hole earlier today, but still have not been able to get the ad blocker working. The page on your site which states test to see if it's working with an attached link shows ads! I have read that your technology isn't perfect due to not scanning any data streams, but it does't appear to be working at all at this point. Turned off or on, every page I browse to on one system with block turned on and another with block disabled show the same number of ads!
I've selected all systems or select systems, but no change, even after reboot. What could I be doing incorrectly?
Thanks.
-
Did you turn off "DNS booster feature?" If you did, better turn on.
If you still have pi-hole running locally, you probably want to turn it off for the initial test.
Check the test machine and make sure it is not running DoH, adblocker only works if it can see DNS requests.
And lastly, if nothing works above, and you are running in router mode, please send an email to help@firewalla.com, we will get someone help you out
Please sign in to leave a comment.
Comments
7 comments