Categories
Guides NAT VPS

Setup AdGuard Home on a NAT VPS

Here is a simple guide to set up Adguard Home on a NAT VPS.

What is AdGuard Home?

AdGuard Home is a network-wide ad-and-tracker blocking DNS server. Its purpose is to let you control your entire network and all your devices, and it does not require using a client-side program.

At the same, AdGuard Home features a web interface to easily manage the filtering process.

We have a 256MB NAT VPS with shared IPv4+IPv6, we’ll see how to set up AdGuard home + Wireguard VPN, filtering all wireguard traffic through your own AdGuard Home DNS Server.

Note: Replace [Public-IP] with your public IPv4 address, [Assigned-IPv6] with your public IPv6 address & [port] with the port you’d be using.

STEP 1: Forward a Domain/Subdomain to your NAT VPS.

Use the ‘Domain Forwarding’ option in the control panel to forward HTTP.

Domain Forwarding

Follow the instructions on-screen & add proper A records at your DNS provider pointing to your assigned IP address.

STEP 2: Enable Tun/Tap and PPP

You can skip this step if you’re using a KVM NAT VPS.
a. Go to Settings > VPS Configuration > enable Tun/Tap and PPP .
b. Click Submit.

Stop & start the VPS for changes to take effect.

STEP 3: Installing and configuring AdGuard Home

You can SSH using your dedicated IPv6 or shared IPv4 address.

a. Make sure you don’t have any application using port 80 as this will be used by adguard.

apt remove apache2 -y

b. Get Updates:

sudo apt update -y

c. Install curl and nano.

sudo apt install curl nano -y

d. Install AdGuard Home

curl -sSL https://raw.githubusercontent.com/AdguardTeam/AdGuardHome/master/scripts/install.sh | sh

e. AdGuard Home is installed now.

f. Configure AdGuard for the First Time using Web UI. (requires IPv6 access)
The configuration UI is available on port 3000. Make sure you have IPv6 connectivity for this step.

Enter [Assigned-IPv6]:3000 in your web browser.

Follow the steps to set Admin Web Listening Interface and DNS server Listening Interface to our Internal IP interface, in our case it is venet0 ; click next.

Set your WebUI access username and password click next till the Open Dashboard option appears. Remember username and password this will be used in the last step.

STEP 4: Set System Nameserver to AdGuard Home

Modify /etc/resolv.conf file using your favourite editor to set nameservers to your Internal IP.

nano /etc/resolv.conf

remove any other entries and save the file.

STEP 5: Install Wireguard.

We will be installing Wireguard using Nyr’s script.

wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh

Follow the instructions on the screen, set the proper port as per your assigned port range.
Set DNS to Current system resolvers when asked.
Others can be left to default options.

Wireguard configuration is saved. Scan the generated QR code or use the configuration file generated in wireguard client.


Run the script once again to add additional clients.

./wireguard-install.sh

That’s it! Your own personal AdGuard Home + Wireguard VPN Server is ready. 🙂

When using Wireguard, all traffic is filtered through our private AdGuard Home server.

Block custom Ads & websites using AdGuard WebUI accessible from your Domain / Sub-domain (see STEP-1)

This article was made using WebHorizon NAT VPS – starting $7 per year.

Please consult your provider for exact steps.