Configuring encrypted DNS on pfSense with Lumiun DNS

This configuration will make pfSense forward DNS requests using the secure DoT protocol (DNS-over-TLS). The configuration is done in pfSense's default DNS Resolver service, which is Unbound.

All devices on the local network that use this pfSense (and its DNS Resolver) as their DNS server will observe the rules defined in the Policy assigned to the Location used in the configuration.

Setting pfSense to use encrypted DNS with Lumiun DNS



Access the menu Services → DNS Resolver.

At the bottom of the page, click the Display Custom Options button to open the custom options box.

Enter the following in the Custom options box, replacing abcd1234 with the desired Location ID (you can find the ID on the Locations page):
server:
  forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 76.223.1.120#abcd1234.dot.ldns.io
    forward-addr: 13.248.132.249#abcd1234.dot.ldns.io


Save the configuration by clicking on the Save button.

Confirm by clicking on Apply Changes.

Done! Now you can view the reports in your Lumiun DNS dashboard and also define the rules of the Policy.
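A check to run on the Custom options text before pasting it, added here as an example and not part of Lumiun's or pfSense's own tooling. It flags the mistakes specific to this block: the sample ID left in place, TLS forwarding switched off, or a forward-addr without the #name that Unbound uses to check the server certificate name. The function name and the simplified comment handling are assumptions of this example.

```python
import ipaddress
import re
SAMPLE_ID = "abcd1234"  # placeholder Location ID printed in the article
ARTICLE_SNIPPET = """\
server:
  forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 76.223.1.120#abcd1234.dot.ldns.io
    forward-addr: 13.248.132.249#abcd1234.dot.ldns.io
"""

def lint_custom_options(text):
    """Return a list of problems in the forward-zone block (empty = OK)."""
    opts, addrs, problems, in_zone = {}, [], [], False
    for raw in text.splitlines():
        # '#' is a comment only at line start or after whitespace (simplified)
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip().strip('"')
        if not value:  # clause header such as "server:" or "forward-zone:"
            in_zone = key == "forward-zone"
        elif in_zone and key == "forward-addr":
            addrs.append(value)
        elif in_zone:
            opts[key] = value
    if opts.get("name") != ".":
        problems.append('zone name is not ".": not every query is forwarded')
    if opts.get("forward-tls-upstream") != "yes":
        problems.append("forward-tls-upstream is not yes: queries go out in cleartext")
    if not addrs:
        problems.append("no forward-addr lines")
    for addr in addrs:
        ip_port, _, auth_name = addr.partition("#")
        try:
            ipaddress.ip_address(ip_port.partition("@")[0])  # drop optional @port
        except ValueError:
            problems.append(f"{addr}: invalid IP address")
        if not auth_name:
            problems.append(f"{addr}: no #name, certificate name is not checked")
        elif not auth_name.endswith(".dot.ldns.io"):
            problems.append(f"{addr}: name is not under dot.ldns.io")
        elif auth_name.startswith(SAMPLE_ID + "."):
            problems.append(f"{addr}: still uses the sample ID {SAMPLE_ID}")
    return problems

if __name__ == "__main__":
    print("\n".join(lint_custom_options(ARTICLE_SNIPPET)) or "OK")
```

Run as written, it reports the two forward-addr lines that still carry the sample ID; an empty result means the block is ready to paste.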

Updated on: 25/03/2023
