Wireguard DNS not reachable

After setting up wireguard according to https://doc.turris.cz/doc/en/public/wireguard the computer connected via wireguard gets no answer from the turris omnia dns server. Everything else is working as expected (I can reach all services in lan, use luci and foris) but neither local (.lan) nor external addresses are resolved by dns.

Wireguard settings on the remote computer are as follows:

PrivateKey = XXX
Address =

PublicKey = XXX
PresharedKey = XXX
AllowedIPs =
Endpoint = XX.XX.net
PersistentKeepalive = 25

/etc/config/network on turris omnia:
config interface ‘wg0’
option proto ‘wireguard’
option private_key ‘XXX’
option listen_port ‘XXX’
list addresses ‘’

config wireguard_wg0
option public_key ‘XXX’
option preshared_key ‘XXX’
option route_allowed_ips ‘1’
list allowed_ips ‘’
option persistent_keepalive ‘25’
option description ‘client1’

/etc/config/firewall is exactly according to the setup guide linked above.

The only thing I do not use according to most manuals is lte as my only internet access so wan interface is not in use and lte is in the wan firewall zone. I assume that this should not change anything in my wireguard configuration but maybe I am wrong in this aspect.

Thanks for any hint on what I need to change or add to reach the dns on turris omnia.

Turris has an error in wireguard configuration.

You cannot set DNS in the LAN IP range as DNS =

You have to set it as the wireguard peer IP address like DNS =

Thank you! What I missed was that I should add the wireguard net to the allowedIPs in the Peer section so I can access the dns server in addition to the change you suggested.