HOWTO - Redirect all DNS Requests to Opnsense

Started by Cypher100, July 26, 2018, 03:16:37 AM

@meyergru

Yes, with the rules I've been using it seems to work well. I also have a few additional DNS rules in place to tighten things up a bit.

I also redirect DoT traffic on port 853, which helps prevent devices from bypassing the local resolver using encrypted DNS directly to external providers.

Additionally, I've been experimenting with blocking DoH endpoints, starting with things like Google DNS, to stop clients from using DNS-over-HTTPS to bypass local policies. So far this setup seems to be working well in my tests.
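For readers who want to see the three measures described above side by side, here is an added pf ruleset in the syntax OPNsense generates from its GUI. It is not the poster's configuration: the interface name, the firewall's LAN address and the DoH address table are assumptions, and the same effect is normally achieved in OPNsense with port-forward and block rules rather than a hand-written file.

```pf
# Added example, not the poster's rules. Assumed LAN interface and resolver address.
lan_if = "igb1"
lan_ip = "192.168.1.1"        # assumed: the firewall's LAN address, where Unbound listens

# Constructed table of DoH endpoint addresses to block (Google Public DNS here);
# in OPNsense this would be a firewall alias that you extend over time.
table <doh_endpoints> { 8.8.8.8, 8.8.4.4 }

# Plain DNS: redirect port 53 from LAN clients to the local resolver regardless
# of the resolver the client configured. Traffic already addressed to the
# firewall is excluded so the local resolver is reached directly.
rdr pass on $lan_if inet proto { tcp udp } from $lan_if:network to ! $lan_ip port 53 -> $lan_ip port 53

# DoT: redirect port 853 the same way. Unless the local resolver terminates TLS
# with a certificate the client trusts, the handshake fails and the client
# cannot bypass the local resolver over DoT.
rdr pass on $lan_if inet proto tcp from $lan_if:network to ! $lan_ip port 853 -> $lan_ip port 853

# DoH: drop HTTPS to known resolver addresses. Logging shows which clients keep
# trying, so their encrypted-DNS setting can be turned off at the source.
block drop in log on $lan_if inet proto tcp from $lan_if:network to <doh_endpoints> port 443
```

Blocking DoH by address only catches the endpoints listed in the table, so the alias needs to be kept current; redirected DoT shows up as TLS failures on the client rather than as resolved queries.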