A guide on how to setup DNS over TLS on windows 10?

Discussion in 'Technical Support (AdGuard for Windows)' started by Horus, Dec 31, 2018.

  1. Horus

    Horus New Member

    Joined:
    Dec 31, 2018
    Messages:
    8
    I can't seem to find a guide to show how to use DNS over TLS for adguard, do i need a separate software or the windows app does it automatically?
     
  2. Boo Berry

    Boo Berry Moderator + Beta Tester Moderator

    Joined:
    May 30, 2012
    Messages:
    4,163
  3. Horus

    Horus New Member

    Joined:
    Dec 31, 2018
    Messages:
    8
    it is just because DNS-over-TLS is an established standard and now also Pie supports it natively. I tried Simple DNSCrypt but i didnt find adguard dns in their servers list.
    thanks also for the guide.
     
  4. Boo Berry

    Boo Berry Moderator + Beta Tester Moderator

    Joined:
    May 30, 2012
    Messages:
    4,163
  5. Horus

    Horus New Member

    Joined:
    Dec 31, 2018
    Messages:
    8
    thanks for the reply,I will recheck the list in DNSCrypt.
    I know that adguard supports over TLS that's why i was asking how can I enable that on windows.
     
  6. Boo Berry

    Boo Berry Moderator + Beta Tester Moderator

    Joined:
    May 30, 2012
    Messages:
    4,163
    Windows 10 itself doesn't support it. The only way to get something working (DNSCrypt + DNS-over-HTTPS) is with DNSCrypt. Otherwise, I think specific web browsers (e.g. Firefox) support DNS-over-TLS via a about:config option. Don't think Chrome does though.
     
  7. Horus

    Horus New Member

    Joined:
    Dec 31, 2018
    Messages:
    8
    Thanks, I adjusted Firefox to use that, also in Simple DNSCrypt turned out that I had to disable "only DNSSEC support" and "only without filters" to be able to choose the adguard resolvers. thanks! and please consider natively supporting TLS within the app in future so it can be all secured from one place

    EDIT: it is also listed under DNSCrypt not as DNS-over-HTTPS. (just pointing it out)

    EDIT2: after setting everything up i made a check on doileak.com, still shows DNS as CloudFlare and sometimes as OpenDNS sometimes I see google too whenever I retry the test. i used the dns in the adapter and on DNSCrypt all should be using Adguard. am I missing anything? I even added the dns to the router
     
    Last edited: Dec 31, 2018
  8. Boo Berry

    Boo Berry Moderator + Beta Tester Moderator

    Joined:
    May 30, 2012
    Messages:
    4,163
    DNSCrypt only supports DNS-over-HTTPS. Also DNSCrypt will randomly choose DNSes unless you set it (in Simple DNSCrypt) to use a specific DNS only.

    I still don't think adding DNS features (e.g. DNSCrypt, DNS-over-HTTPS, DNS-over-TLS) to the AG desktop apps is a good idea, since it'd only apply to the apps AG is filtering and not the entire system. Using DNSCrypt/DNS-over-HTTPS/DNS-over-TLS works best if it's used system-wide.