pfSense CE 2.6 DNS over TLS

Hi,
I'm confused.
I have seen different recent videos on configuring DNS over TLS with the Cloudflare DNS servers.
DNS Server Settings in General setup
DNS Servers
1.1.1.1 cloudfare-dns.com
1.0.0.1 cloudfare-dns.com
2606:4700:4700::1111 cloudflare-dns.com
2606:4700:4700::1001 cloudflare-dns.com

       Use local DNS (127.0.0.1), ignore remote DNS Servers


With that configuration I couldn't browse the internet, and the lookup test didn't find a web site,…

I found in an older video some custom settings for pfSense 2.4.

With those settings all should work:


But normally you do not need those settings in pfSense 2.6.

Interesting, I use one.one.one.one for the hostname value, but I tested it with cloudflare-dns.com and that works too for me. As you said, it shouldn't be necessary to enter any custom options in the DNS Resolver settings. Can you post a screenshot of the DNS Server Settings section of System → General Setup? Verify that the gateways on that page are set up correctly. Also check the logs under System Logs → System → DNS Resolver. Are there any lines such as the following?

notice: ssl handshake failed 2606:4700:4700::1001 port 853 
error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

Some more screenshots




Hi,
thanks everybody
This topic can be closed.
I found my error: a typo in the DNS name in System General Settings.

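Added example, not part of the original thread: with DNS over TLS the resolver verifies the upstream's certificate against the hostname entered beside each DNS server, so a misspelled hostname makes the handshake fail. The sketch below checks the hostnames as typed in the first post against a list of certificate names and correlates them with handshake-failure log lines; the certificate name list and the log excerpt are constructed assumptions, and the function names are hypothetical.

```python
import re

# Forwarders as entered in the first post (address -> TLS verification hostname).
FORWARDERS = {
    "1.1.1.1": "cloudfare-dns.com",
    "1.0.0.1": "cloudfare-dns.com",
    "2606:4700:4700::1111": "cloudflare-dns.com",
    "2606:4700:4700::1001": "cloudflare-dns.com",
}
# Assumption: names the upstream's certificate is valid for (constructed list).
CERT_NAMES = ["cloudflare-dns.com", "*.cloudflare-dns.com", "one.one.one.one"]
# Constructed log excerpt in the format quoted in the thread.
SAMPLE_LOG = """\
notice: ssl handshake failed 1.1.1.1 port 853
error: ssl handshake failed crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
notice: ssl handshake failed 1.0.0.1 port 853
"""

HANDSHAKE_RE = re.compile(r"ssl handshake failed (\S+) port 853")

def name_matches(hostname, pattern):
    """Compare a hostname with one certificate name; '*' covers only the leftmost label."""
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        return host[1:] == pat[1:]
    return host == pat

def failed_upstreams(log_text):
    """Addresses that appear in 'ssl handshake failed <addr> port 853' lines."""
    return set(HANDSHAKE_RE.findall(log_text))

def audit(forwarders, cert_names, log_text):
    """Return (address, hostname, seen_failing_in_log) for hostnames no certificate name covers."""
    failing = failed_upstreams(log_text)
    findings = []
    for addr, hostname in forwarders.items():
        if not any(name_matches(hostname, n) for n in cert_names):
            findings.append((addr, hostname, addr in failing))
    return findings

if __name__ == "__main__":
    for addr, hostname, seen in audit(FORWARDERS, CERT_NAMES, SAMPLE_LOG):
        print(f"{addr}: '{hostname}' matches no certificate name; handshake failures logged: {seen}")
```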