diff --git a/docs/incidents/2026-01-25-adblock-debug-in-progress.md b/docs/incidents/2026-01-25-adblock-debug-in-progress.md
new file mode 100644
index 0000000..7b41fa6
--- /dev/null
+++ b/docs/incidents/2026-01-25-adblock-debug-in-progress.md
@@ -0,0 +1,49 @@
+# Debug Session: AdBlock Not Working + Device Connectivity
+
+**Date:** 2026-01-25 13:20  
+**Status:** IN PROGRESS  
+
+---
+
+## Initial Findings
+
+### 1. AdGuardHome-Sync Container
+- **Origin:** 192.168.31.1:80 (MikroTik AdGuard)
+- **Replica:** 192.168.31.4:3000 (Unraid AdGuard)
+- **Sync interval:** Every 30 minutes
+- **Status:** Failing since 10:00 with "no route to host"
+
+**Error:**
+```
+2026-01-25T10:00:01.349Z ERROR sync Error getting origin status
+{"from": "192.168.31.1:80", "error": "dial tcp 192.168.31.1:80: connect: no route to host"}
+```
+
+### 2. AdGuard Filtering Configuration
+- **Filters enabled:** 1 (AdGuard DNS filter only)
+- **AdAway blocklist:** DISABLED
+- **protection_enabled:** true
+- **filtering_enabled:** true (global)
+- **Multiple client profiles have filtering_enabled: false**
+
+### 3. Architecture Discovery
+There are TWO AdGuard instances:
+1. **MikroTik AdGuard** - 192.168.31.1:80 (origin/master)
+2. **Unraid AdGuard** - 192.168.31.4:3000 (replica)
+
+Sync copies config from MikroTik → Unraid
+
+### 4. Current Issue: Devices Have No Internet
+- LG TV showing no connection
+- Likely cause: DNS changes not propagated to DHCP clients
+- Devices may have cached old DNS or DHCP lease hasn't renewed
+
+## To Investigate
+- [ ] Check MikroTik DHCP DNS settings
+- [ ] Check if MikroTik AdGuard is running (container on MikroTik?)
+- [ ] Verify DHCP leases are pushing correct DNS
+- [ ] Check if NAT rules are redirecting properly
+
+---
+
+*Debug session paused - device connectivity issue reported*
diff --git a/docs/incidents/2026-01-25-dns-outbound-blocked-after-mikrotik-restart.md b/docs/incidents/2026-01-25-dns-outbound-blocked-after-mikrotik-restart.md
index fc56b6b..8e7b5b1 100644
--- a/docs/incidents/2026-01-25-dns-outbound-blocked-after-mikrotik-restart.md
+++ b/docs/incidents/2026-01-25-dns-outbound-blocked-after-mikrotik-restart.md
@@ -86,3 +86,42 @@ After fix:
 ---
 
 *Incident logged by Claude Code via Tailscale connection*
+
+---
+
+## Additional Issue: Devices No Internet (13:25)
+
+### Symptom
+- LG TV and other devices showing no internet connection
+- DNS changes not reaching devices
+
+### Root Cause
+DHCP was pushing  as DNS to clients, but MikroTik NAT rules redirect all port 53 traffic to AdGuard. This created a mismatch.
+
+**Before:**
+```
+DHCP DNS-SERVER: 8.8.8.8
+```
+
+### Fix
+Changed DHCP to push MikroTik as DNS (which forwards to AdGuard):
+
+```bash
+/ip dhcp-server network set 0 dns-server=192.168.31.1
+```
+
+**After:**
+```
+DHCP DNS-SERVER: 192.168.31.1
+```
+
+### DNS Flow (Corrected)
+```
+Device → 192.168.31.1 (MikroTik DNS) → 192.168.31.4 (AdGuard) → 8.8.8.8 (upstream)
+```
+
+### Device Recovery
+Devices need to renew DHCP lease to get new DNS:
+- Wait for lease expiry (default 10 min)
+- Reconnect to WiFi
+- Reboot device