Synology VPN Server + PiHole + Dnscrypt + Further VPN + Any suggestions

Currently reading
Synology VPN Server + PiHole + Dnscrypt + Further VPN + Any suggestions

76
19
NAS
DS916+
Operating system
Windows
Mobile operating system
Android
Hello all,

If you have been a recent visitor to these forums you may have noticed all the questions I've been asking......and today is no different.

For context, I setup Pi-Hole on my NAS via Docker, which is working great. I then setup Synology VPN Server which allows me to remotely connect to my NAS via OpenVPN and utilise the benefits of Pi-hole on my mobile phone whilst away from the house.

Now my three questions are;

1) I would like to setup Dnscrypt on my NAS to give me that extra layer of security. I've searched the Internet however there are a lack of guides that cater for my level of expertise (limited). I've tried several however each manages to lose me at varying steps. Can anyone point me to a suitable guide please?

2) Secondly, I would like to have all Internet traffic LEAVING my NAS protected by VPN. Online advice is mixed, from no it can't be done, to it can but by utilising DSM in a Docker. Can anyone here give me a definitive answer please?

3) Lastly, can anyone recommend any further steps to anonymise and protect my online presence further?

As always, many thanks.
 
76
19
NAS
DS916+
Operating system
Windows
Mobile operating system
Android
1. The answer you probably don't want... is to jettison PiHole and use Adguard Home. IMO AH is superior in every way to PH. Clearly, not everyone agrees.

https://kb.adguard.com/en/general/dns-providers
Many thanks for the suggestion.

After a quick look at it, it would appear that Adguard Home incorporates "Pi-Hole & Dnscrypt" like services into one package. I'll have a proper scour of the web to compare the two. As a plus, Adguard has an Android app, and so I won't need to connect to my NAS.
 

Rusty

Moderator
NAS Support
1,885
575
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
RT1900ac, RT2600ac, MR2200ac
Secondly, I would like to have all Internet traffic LEAVING my NAS protected by VPN. Online advice is mixed, from no it can't be done, to it can but by utilising DSM in a Docker. Can anyone here give me a definitive answer please?
You could have a look here under the section “ NAS as a VPN clien”

Keep in mind that if go down this road you will have to manage a bit more on the network layer in order to allow yourself access to your NAS from the outside. An elegant solution to avoid this is to separate your incoming and outgoing vpn needs with 2 separate devices (like your nas and your router). Putting it both on the same unit will also not be possible at the same time (officially). So having a vpn server and usin the same nas as a vpn client, DSM will complain.
 
21
6
NAS
DS218+
Operating system
Linux, Windows
Mobile operating system
Android, iOS
I'm not an expert,
but I feel way more secure running the VPN server on my router,

In case it becomes compromised or if I have made mistakes in setting it,
there is another layer of security behind my router,
the NAS

Having a firewall before your NAS (and your rest network) is the best option if you want access from WAN.

There are some free options like pfSense, OPnSense, Sophos XG etc.
that can run on a mini PC with an electricity consumption similar to a router and an initial cost a liitle more than a good router
but they all need some study and internet searching if you know little about networks like me
 
76
19
NAS
DS916+
Operating system
Windows
Mobile operating system
Android
Thank you for everyone's thoughts.

I think until I can bring my knowledgebase up to the required standard to use the complete home VPN solution ill be best placed to use Adguard. I've set it up and I'm very impressed, allows for the use of NordVPN's own DNS servers too.

I've moved over to Brave browser also. I'd be really interested to hear if anyone had any other suggestions.
 
205
15
NAS
DS1019+
Mobile operating system
Android
hi @Mike12421
curious as to how you got pihole docker working.
i have pihole installed using the official pihole docker, and the webui works fine, however no device on the LAN can connect to it as it doesn't appear to be accessible on port 53.

if i do a "telnet 192.168.1.2 53" then i get no response.
docker network is in host mode.

how did you install yours to get it working?
my settings file is attached
 

Attachments

205
15
NAS
DS1019+
Mobile operating system
Android
Strangely that's the tutorial I used to create, but it's simply not listening on port 53, so nothing on the network can use it for DNS.

I had adguard running and working but didn't like it.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top