pfSense and NextDNS

Hi folks, really enjoy your YouTube videos and I’m glad I found my way over to your forums as well!

Over the last few months I’ve been running Pi-hole with my pfSense router; however, I recently came across NextDNS, which offers some similar network-wide ad blocking. I’m a big fan of supporting sites that rely on ads for revenue, but since I work in cybersecurity, I’m more concerned with malvertising and its variants using DNS.

I would love to see a video of you setting up pfSense and using NextDNS addresses with a configuration on their website. They include some DNS resolver configurations in their setup page, and unfortunately I was having some trouble tuning that on my own home pfSense. I’ve got it working; however, I’m sure I could’ve missed a step or two, and a clear video with your great YouTube presence would be a total time saver and show something cool for other power home users.

Thanks again for some great content and I look forward to watching more of your videos!

For pfSense, go to “System”, then “General”, and put in the NextDNS IP addresses 45.90.28.83 & 45.90.30.83 under where it says “DNS Server Settings”.


Yes, that would be the simplest way. I forgot to explicitly say that I was configuring pfSense to be a DNS-over-TLS resolver and forwarding up to the two NextDNS addresses. pfSense accepts DNS on port 53 from all internal LAN clients and forwards it as DNS-over-TLS on port 853 to NextDNS.

On pfSense, under General Setup at DNS addresses, use the NextDNS DNS address “45.90.28.83 or 45.90.30.83”, and under the DNS Server Hostname for TLS Verification in the DNS Resolver on the same setup page of pfSense, use your NextDNS DNS-over-TLS address from the DNS-over-TLS setup page of NextDNS: “…dns.nextdns.io”.

Greetings
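The forwarding setup discussed in this thread, written out as the Unbound configuration it corresponds to (pfSense's DNS Resolver is Unbound). This is an added example, not part of any post above; `<your-id>` and the CA bundle path are placeholders, and the weak variants are shown commented out beside the hardened one.

```conf
# Constructed example. <your-id> stands for the ID in your own NextDNS
# DNS-over-TLS hostname (the "…dns.nextdns.io" value from their setup page).

# Weak: plain forwarding. LAN queries leave the WAN in cleartext on port 53.
# forward-zone:
#     name: "."
#     forward-addr: 45.90.28.83
#     forward-addr: 45.90.30.83

# Still weak: TLS with no authentication name. The channel is encrypted,
# but the upstream certificate is not matched against a hostname, so an
# on-path device answering on port 853 is not detected.
# forward-zone:
#     name: "."
#     forward-tls-upstream: yes
#     forward-addr: 45.90.28.83@853
#     forward-addr: 45.90.30.83@853

# Hardened: TLS on port 853 plus a "#hostname" authentication name, which
# Unbound checks against the certificate using the CA bundle below.
server:
    # Placeholder path: point this at the system CA bundle.
    tls-cert-bundle: "/path/to/ca-bundle.crt"

forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 45.90.28.83@853#<your-id>.dns.nextdns.io
    forward-addr: 45.90.30.83@853#<your-id>.dns.nextdns.io
```

The part after `#` is the same value that goes into pfSense's "DNS Server Hostname for TLS Verification" field mentioned in the last reply; leaving it empty gives the second, unauthenticated variant.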