Configuring pfSense® to use Lumiun DNS via the DoT protocol

This configuration will cause pfSense® to forward DNS requests to Lumiun DNS using the secure DoT (DNS-over-TLS) protocol. The configuration is done in pfSense®'s default DNS Resolver service, which is Unbound.

All devices on the local network that use this pfSense® (and its DNS Resolver) as a DNS server will now observe the rules defined in the Policy assigned to the site selected in the configuration.

Step-by-step

  1. Go to the Services > DNS Resolver menu.

  2. Under Network Interfaces, hold down the Ctrl key and select LAN and Localhost.

  3. Uncheck the DNSSEC option.

  4. At the bottom of the page, click the Show Custom Options button to open the custom options box.

  5. Enter the following in the Custom Options box, replacing abcd1234 with the ID of the desired site (see the sites page for the ID). Also replace “dns_server_1,” “dns_server_2,” “dns6_server_1,” and “dns6_server_2” with the respective DNS servers for your site, located on the sites page.

    server:
    forward-zone:
        name: "."
        forward-tls-upstream: yes
        forward-addr: dns_server_1#abcd1234.dot.ldns.io
        forward-addr: dns_server_2#abcd1234.dot.ldns.io
        forward-addr: dns6_server_1#abcd1234.dot.ldns.io
        forward-addr: dns6_server_2#abcd1234.dot.ldns.io

  6. Save the configuration by clicking the Save button and confirm by clicking Apply Changes.

That's it! You can now view reports on your Lumiun DNS dashboard and also define policy rules.
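
A pre-flight check for the Custom Options text from step 5, as an added example that is not code from Lumiun or pfSense®: it flags placeholders left unreplaced, forward-addr entries with no #name for the TLS certificate check, and a missing forward-tls-upstream line. The function name and the sample values (documentation-range IP addresses, the site ID ex4mpl3id) are constructed for illustration.

```python
import ipaddress

AUTH_SUFFIX = ".dot.ldns.io"  # TLS name suffix from the page's forward-addr lines
PLACEHOLDER_ID = "abcd1234"   # the page's placeholder site ID

def lint_custom_options(text):
    """Return a list of problems in an Unbound forward-zone block (empty if none)."""
    problems, tls_on = [], False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(":")  # first ':' only, so IPv6 stays intact
        key, value = key.strip(), value.strip().strip('"')
        if key == "forward-tls-upstream":
            tls_on = value == "yes"
        elif key == "forward-addr":
            addr, _, auth = value.partition("#")  # IP[@port]#tls-auth-name
            host = addr.split("@", 1)[0]
            try:
                ipaddress.ip_address(host)
            except ValueError:
                problems.append(f"line {n}: '{host}' is not an IP address")
            if not auth:
                problems.append(f"line {n}: no #name to check the TLS certificate against")
            elif not auth.endswith(AUTH_SUFFIX):
                problems.append(f"line {n}: '{auth}' does not end in {AUTH_SUFFIX}")
            elif auth.split(".")[0] == PLACEHOLDER_ID:
                problems.append(f"line {n}: site ID is still the placeholder")
    if not tls_on:
        problems.append("forward-tls-upstream is not 'yes', so forwarding would not use TLS")
    return problems

# Constructed samples: documentation-range IPs and a made-up site ID.
GOOD = """server:
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 192.0.2.10#ex4mpl3id.dot.ldns.io
forward-addr: 2001:db8::10#ex4mpl3id.dot.ldns.io
"""
BAD = """server:
forward-zone:
name: "."
forward-addr: dns_server_1#abcd1234.dot.ldns.io
forward-addr: 192.0.2.10
"""
```

Paste the text you intend to save into `lint_custom_options` and apply the change only when the returned list is empty.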