DNS over TLS setup?

Is there support for DNS over TLS using PfSense and Adam One?

If so, is there a KB or something that I can reference to get this set up?

Seems like the default config sets everything up on 53 only.

Hi @meta4
adam:ONE itself does not support DNS over TLS. It’s possible to have adam:ONE running on a local interface and configure unbound (DNS Resolver in pfSense) to listen on TLS and forward all traffic to adam:ONE listening on its own dedicated interface (can be a VLAN, e.g.).

This has been done in internal testing as a proof of concept. We don’t plan to support DNS over TLS because the industry is adopting DoH as the standard. We believe TLS is a better option, but DoH appears to be chosen because it can be implemented with less friction.
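The layout described in the reply above, sketched as an unbound.conf fragment. This is an added example, not part of the original post and not a configuration published by the adam:ONE project; the addresses (192.168.1.1 for the LAN side, 10.0.53.2 for the dedicated adam:ONE interface) and the certificate paths are placeholders assumed for illustration.

```conf
# Added illustration (constructed values, not from the thread).
server:
    # Accept DNS over TLS from LAN clients on the standard DoT port.
    interface: 192.168.1.1@853
    tls-port: 853

    # Certificate and key presented to DoT clients (placeholder paths).
    # Clients that validate the server name need a certificate they trust.
    tls-service-key: "/path/to/resolver.key"
    tls-service-pem: "/path/to/resolver.crt"

    # Only the LAN subnet may query; everything else is refused.
    access-control: 0.0.0.0/0 refuse
    access-control: 192.168.1.0/24 allow

# Hand every query to adam:ONE on its dedicated interface.
# This hop is plain DNS on port 53 and never leaves the firewall.
forward-zone:
    name: "."
    forward-addr: 10.0.53.2@53
```

From a LAN client, `kdig +tls @192.168.1.1 example.com` confirms the listener answers over TLS.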

Thanks Arthur,

My goal was to encrypt DNS traffic from my wan port to AdamOne. You’re saying that I can have clients on my LAN communicate with my firewall over TLS then over 83 to AdamOne?

Further, with DoH, will that bypass any protections or function of my AdamOne configuration?

Thank you,

John