Adding Client IP to allowed Clients automatically
-
Hi There,
I have setup my public IP of my ISP to the list of allowed Clients in AdGuard Home.
Everytime (1-2 months) my public IP is changing I have to replace the IP with the new IP. As the DNS requests from my router get blocked until I update it, I have some undesired impact at home.So the question is: Is there a way to add or replace a Client IP in allowed Clients List programmatically or automatically?
If no, how do you solve that problem?Best,
Michael -
You should check if your router supports DNS over TLS (DoT). If so, you can make use of AdGuard Home's Client ID feature to allow requests from your router, see https://docs.cloudron.io/apps/adguard-home/
-
Hi @nichu42 its a FRITZ!Box 7510 and there are settings for DoT. I already put in the DNS Name of my AdGuard Home Instance, but it doesn't seem to work. Maybe I did misconfigure the other DNS Settings in the router? What DNSv4-Server would I have to configure in the router? Currently there is the IP-Address of AdGuard Instance.
-
Hi @nichu42 its a FRITZ!Box 7510 and there are settings for DoT. I already put in the DNS Name of my AdGuard Home Instance, but it doesn't seem to work. Maybe I did misconfigure the other DNS Settings in the router? What DNSv4-Server would I have to configure in the router? Currently there is the IP-Address of AdGuard Instance.
@Kubernetes
Is your AdGuard Home's DoT setup working elsewhere? You can easily check by using "Private DNS" on an Android phone or tablet.In your FRITZ!Box config, you only need to enter the address in this format: clientid.wildcarddomain.yourserver.tld, e.g. cjhff54434nj.adguard.mydomain.tld
You need to enable DoT usage, of course. DNSv4 or DNSv6 can be anything (you can leave it to your provider's DNS defaults). It is only needed to resolve your AdGuard Home server address.
If you want to use a non-encrypted fallback, you should enter a privacy-focused service, of course. If you are located in Europe, you could use https://dnsforge.de/ or https://github.com/DigitaleGesellschaft/DNS-Resolver for example. -
@nichu42 thanks for your advise and try to help. However I don't get it working. When I use something like cjhff54434nj.adguard.mydomain.tld the DNS-Name cannot be resolved. When I add cjhff54434nj.adguard.mydomain.tld to my DNS or as an Alias to Adguard Config in Cloudron, it can be resolved and DNS is working, but in the Request Log the Client ID does not show up. I assume that when I remove the ISP IP from Client IDs I will loose DNS functionality.
I still don't understand how that setup should be - is that list right?
- add Client ID (eg. Client001) to AdGuard Home
- add Alias for AdGuard Home and Client ID to Cloudron Config for AdGuard Home App (eg. client001.domain.tld)
- add client001.domain.tld to router for DoT
Is this the way it should work, or do I miss something?
-
I think I have a Problem with the Certificate in AdGuard Home
Any Ideas how to fix that?
-
Maybe its the same issue that Lukas had some time ago. However, somehow it seems to work now... not 100% sure, but it looks good for the moment
-
I think it is working now. Thread can be closed (I tried myself but didn't find the option)
-
N nebulon marked this topic as a question on
-
N nebulon has marked this topic as solved on
