Firezone & Adguard Home

Hi,

I’ve got firezone up and running in a docker container and had it previously set to use the default DNS servers (1.1.1.1 Cloudflare).

After setting up my own Adguard Home instance, I changed the DNS to the internal IP of it. This is where it gets strange -

  • domains like Google.com do not resolve and just hang. I can’t see the queries being sent to Adguard in the query log.
  • local domains are resolved by Adguard and I can see them in the Adguard logging but they also hang/don’t load on the firezone client.
  • accessing internal services via IP continues to work fine.

Adguard works fine on all other internal devices. Both firezone and Adguard are running in docker containers and the IP of the connected client is 172.x.x.x rather than 192.168.x.x.

Is there an additional setting I’ve missed somewhere to make it work properly with firezone?

EDIT: I managed a workaround by instead installing Adguard on my router and then pointing the DNS to it. There’s something with the container routing but I couldn’t figure it out.

Docker uses DNAT by default for containers, so the IP firezone sees from your connected client will be the IP of the Docker host.

If this is Linux, you can use network_mode: host to run Firezone in the host’s network namespace. See our updated docker-compose.prod.yml as an example.

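The bridge-mode setup that triggers the DNAT behaviour described in the reply, next to the host-network variant, as an added docker-compose illustration (not the project's docker-compose.prod.yml; service names, the image name and the capability line are assumptions, so check the real file):

```yaml
# Added example, not Firezone's own compose file. Service/image names assumed.

# BEFORE: Docker's default bridge networking. The published WireGuard port is
# DNAT'd into the container, so anything Firezone forwards on to AdGuard
# carries the Docker host's address rather than the VPN client's, which is
# why the source shows up as 172.x.x.x instead of 192.168.x.x.
services:
  firezone:
    image: firezone/firezone      # image name assumed
    ports:
      - "51820:51820/udp"         # WireGuard, DNAT'd by Docker
      - "13000:13000"             # admin UI
    cap_add:
      - NET_ADMIN                 # assumed; needed to manage the tunnel
    restart: unless-stopped

# AFTER (Linux hosts only): run Firezone in the host's network namespace.
# There is no DNAT any more, so the WireGuard interface lives on the host and
# the client's traffic reaches AdGuard's internal IP directly. The `ports:`
# list must go: Docker ignores port publishing in host mode and Compose warns
# about it, the services simply bind on the host's interfaces.
services:
  firezone:
    image: firezone/firezone      # image name assumed
    network_mode: host
    cap_add:
      - NET_ADMIN                 # assumed; needed to manage the tunnel
    restart: unless-stopped
```

The AdGuard Home container can stay in bridge mode with its own published port 53; what changes is the address Firezone clients present to it, which is what the query log keys on.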