×


How to pair Pi-hole with an OpenVPN Server to block ads and enhance privacy on Ubuntu / Debian Linux?

Are you facing issues with installing Pi-hole to block ads, reduced my 4G/3G/LTE traffic on the same Debian or Ubuntu Linux server? This guide will help you.


Pi-hole is free and open source software to block ads and tracking domain which helps in ad blocking on all devices on the network from your smartphone to your tablets including all desktop computers.

Here at LinuxAPT, as part of our Server Administrator Services, we regularly help our Customers to perform Software Installation on their Ubuntu Server.


In this context, we shall look into the right way to configure an OpenVPN server on a Debian or Ubuntu Linux v14.04/16.04 LTS as well as Pi-hole ad blocking software Installation and Configuration.



More about Pi-hole?

Pi-hole is a very effective tool for bypassing Ad blocker detection. It helps in blocking in app ads on iOS and Android/Windows devices.

Some of its advantages are outlined below;


i. Pi-hole helps in Blocking all advertisements using network-level DNS based blocking.

ii. It is dynamic in nature as it works with both apps and websites regardless of operating system.

iii. It allows you to pair your Pi-hole with a VPN software such as OpenVPN for on-the-go ad-blocking and save on data 3G/4G/LTE costs.

iv. It provides an improved privacy and security due to blocking of ads and tracking codes.


How to install OpenVPN on Ubuntu?

In this guide, I am setting up on a Ubuntu 16.04 LTS server.

To get OpenVPN installed, you can run the following commands;

wget https://git.io/vpn -O openvpn-install.sh
sudo bash openvpn-install.sh

You will be prompted with the instructions to install OpenVPN on your screen.


How to install Pi-hole on a Linux server

Let's assume that we already have a functioning OpenVPN Server with the client configured to OpenVPN on OSX/Windows/Linux/FreeBSD/iOS/Android devices, then the first line of action is to find and note down your OpenVPN server IP address.

To do this, run the following command;

ip a show dev tun0

This will display some server IP addresses information.

For instance, if the IP address is "121.110.110.008/24", then you also have to give tun0 as an interface name including your default gateway IP address such as 192.168.2.254 as shown below;

ip r | grep default
default via 192.168.2.254 dev br0 onlin


Note that Pi-hole was designed for Raspberry PI hardware but it also works fine on Ubuntu and Debian based Linux distributions. 


How to install PI-HOLE on Ubuntu?

To install PI-HOLE, run the following command;

wget -O basic-install.sh https://install.pi-hole.net
sudo bash basic-install.sh

After the installation process, your device will be transformed into a network-wide ad blocker.

Here, the Pi-hole serves as a SERVER and need to have a STATIC IP ADDRESS to function properly.


How to choose an interface for Pi-hole?

You will see on your Screen options to choose an interface where you can press space button on your keyboard to select.

Here, you can choose the "tun0" option and press OK to continue.

Next, select protocols for dns server. You can select IPv4 and then press OK to continue to the next page.

Now, setup a static IP address where you should select No to continue to the next page of the setup.

Next, you have to enter the OpenVPN's server IP address (121.110.110.008/24) and press OK button to go to the next page.

And finally, you should input your default router/gateway IP address as the desired IPv4 default gateway and click on Ok button to proceed to the next page.

Now the Static IP address information will be displayed to allow you confirm the settings. Then press Yes to continue.


How to upstream DNS IP address?

In this stage, you can choose a custom DNS such as Google since it is very reliable followed by clicking on the OK button to continue.

Now the Installation of Pi-hole will be completed.


How to test Pi-hole?

To test Pi-hole to see if DNS is working or not, run the command below;

host linuxapt.com 10.8.0.1

Now the aliases will be pinging some information.


How to update OpenVPN config to push our PI-hole dns server?

To update OpenVPN , modify the file "/etc/openvpn/server.conf" by running the following command;

sudo vi /etc/openvpn/server.conf

In this file, delete or comment out the existing DNS entries as shown below;

#Stop using Google DNS for our OpenVPN
#push "dhcp-option DNS 8.8.8.8"
#push "dhcp-option DNS 8.8.4.4"

Next, add  our PI-Hole DNS IP address as shown below;

push "dhcp-option DNS 121.110.110.008"

Now save and close the file.

After this, you can restart the OpenVPN server by running the following command;

sudo systemctl restart openvpn@server


Setting your Server Firewall for OpenVPN subnet

You need to open port 53 and 80 for the OpenVPN subnet. To do this, run the following commands;

ufw allow proto tcp from 121.110.110.0/24 to 121.110.110.008 port 80
ufw allow proto tcp from 121.110.110.0/24 to 121.110.110.008 port 53
ufw allow proto udp from 121.110.110.0/24 to 121.110.110.008 port 53


Now you can reconnect all OpenVPN clients and you should able to browser everything without ads on your mobile devices. To view PI-hole stats, enter the following url on a web browser;

http://10.8.0.1/admin/


In the PI-hole administration panel, you can white-list or blacklist certain domains.


Need to setup PI-hole with OpenVPN Server on your Ubuntu Server? We are available to help you today.


Conclusion

This article will help you to get Pi-hole installed and to configure it Debian or Ubuntu Linux along with an OpenVPN server.