DNS Over TLS On pfSense 2.4.5

This is how you enable DNS over TLS using pfSense to help encrypt your DNS queries.

We will be using Cloudflare DNS servers. I will list other options you can use at the bottom of this article.

Navigate to System > General > DNS Server Settings.
And add your DNS Servers (IE,
Then Save.

Navigate to Services > DNS Resolver > General Settings
Enable the following under DNS Query Forwarding: Enable Forwarding Mode and Use SSL/TLS for outgoing DNS Queries to Forwarding Servers
Then Save and Apply.

Host | IP addresses | TLS Ports | Hostname for TLS
Quad9 malware blocking | 9.9.9.9 | 853 | dns.quad9.net
Quad9 ‘insecure’ |
Cloudflare | 1.1.1.1 or
Cloudflare Malware blocking | 1.1.1.2 or
CleanBrowsing | 185.228.168.9:853 and CleanBrowsing website
Adguard (blocks ads and malware) | or https://adguard.com/en/blog/adguard-dns-announcement/
