Hello! I want to set up a Pi-hole at my home and connect from my parents’. Both setups have a dynamic IP assigned by my ISP and are on different networks.
I have a couple of questions:
- I can get a domain that updates automatically. But how would I resolve it on the client side?
- Is there any way to authenticate on the server? By MAC maybe? That can be spoofed, right?
Edit: my bad, thanks for correcting me, MAC is another layer completely
- Can setting up a VPN solve both (1) and (2)?
- Is there any other way?
Thanks!
@papelitofeliz
VPN for sure:
1. Set up both locations with Dynamic DNS providers. DuckDNS is free, but if you’re building infrastructure you may as well buy your own domain and set it up through that (Namecheap is what I use and recommend).
2. Set up a WireGuard tunnel between both locations. Do *not* specify an endpoint for either. You could specify endpoints to boost security (barely), but it will cause your system to fail during IP changes, for the duration of the TTL.
@papelitofeliz
3. Set up your Pi-hole on a static private IP.
4. Ensure both sites can route across the tunnel. Based on your experience level and scope, dynamic routing is not recommended or necessary, which means static routes. Point a route for each side’s subnet to the WireGuard tunnel IPs so your firewalls know how to reach and respond to each other across the tunnel.
5. Configure your devices to use Pi-hole for their DNS, via DHCP ideally.
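
The static-route step above can be checked on paper before any router is touched. The following is an added example, not part of the reply: it validates a two-site addressing plan and emits the routes, the matching WireGuard AllowedIPs, and the DNS server to hand out via DHCP. All addresses, the `wg0` interface name and the Linux `ip route` syntax are assumptions chosen for illustration.

```python
import ipaddress

# Constructed sample addressing for illustration; none of it comes from the thread.
SITES = {
    "home":    {"lan": "192.168.10.0/24", "tunnel_ip": "10.99.0.1"},
    "parents": {"lan": "192.168.20.0/24", "tunnel_ip": "10.99.0.2"},
}
TUNNEL_NET = "10.99.0.0/30"
PIHOLE_IP = "192.168.10.53"   # static private address on the home LAN


def plan(sites, tunnel_net, pihole_ip):
    """Validate the addressing, then return per-site routes and AllowedIPs."""
    tunnel = ipaddress.ip_network(tunnel_net)
    lans = {name: ipaddress.ip_network(s["lan"]) for name, s in sites.items()}
    names = sorted(sites)

    # Overlapping ranges (both homes on a router default such as 192.168.1.0/24)
    # make static routes ambiguous, so reject them before touching a router.
    for i, a in enumerate(names):
        if lans[a].overlaps(tunnel):
            raise ValueError(f"{a} LAN overlaps the tunnel network")
        for b in names[i + 1:]:
            if lans[a].overlaps(lans[b]):
                raise ValueError(f"{a} and {b} LANs overlap; renumber one site")
    for name in names:
        if ipaddress.ip_address(sites[name]["tunnel_ip"]) not in tunnel:
            raise ValueError(f"{name} tunnel IP is outside {tunnel}")

    pihole = ipaddress.ip_address(pihole_ip)
    if not pihole.is_private or not any(pihole in lan for lan in lans.values()):
        raise ValueError("Pi-hole must sit on a private address inside a site LAN")
    result = {}
    for local in names:
        remotes = [r for r in names if r != local]
        result[local] = {
            # Linux iproute2 syntax; wg0 is an assumed interface name.
            "routes": [f"ip route add {lans[r]} via {sites[r]['tunnel_ip']} dev wg0"
                       for r in remotes],
            # WireGuard only carries addresses listed in the peer's AllowedIPs.
            "allowed_ips": {r: f"{sites[r]['tunnel_ip']}/32, {lans[r]}" for r in remotes},
            "dhcp_dns": pihole_ip,
        }
    return result


if __name__ == "__main__":
    for site, cfg in plan(SITES, TUNNEL_NET, PIHOLE_IP).items():
        print(site, cfg)
```
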
I didn’t look anything up yet. But can the WireGuard tunnel be set up on the router level (I have a cheap MikroTik) or as a network service? So clients don’t have to install custom stuff.