DNS over TLS => no DNS resolving at all (with Unbound), why?

Started by openminded, December 11, 2024, 06:25:03 PM

Hello,

I'm currently using OPNsense 24.7.10_2 with Unbound. My OPNsense router is behind another router. My problem is I cannot have DNS over TLS.

I have followed this how-to: https://homenetworkguy.com/how-to/configure-dns-over-tls-unbound-opnsense/

When I configure DoT servers (first one is 1.1.1.1) in "Services: Unbound DNS: DNS over TLS" (with "Use System Nameservers" unchecked, and no DNS servers at all in "System: Settings: General"), I have no DNS resolution at all.

If I go to "Interfaces: Diagnostics: DNS Lookup" and check for example.com with 1.1.1.1 server, it's ok (A   example.com. 2549 IN A 93.184.215.14   1.1.1.1   3 msec). With no specified DNS server I have an error message "Error: error sending query: No (valid) nameservers defined in the resolver". Which is not a surprise.

If I put DNS servers in "System: Settings: General", it's ok (I have DNS resolution) but in this case I have no DNS over TLS.

Could someone please help me debug this?