i am using the blue interface without problems using standard DNS on my mobile. As soon as i change the DNS to mullvad (443) or dismail, digitalcourage (853) etc, i do not get any connection to my WLAN. My mobile complains about not having accsess to the private DNS.
I do not have any special Rules or did not open any ports. Is that the reason? Do i have to open Port 443/853? I already did try the rule
From: Blue
To: ALL
Protocoll: DNS
without any success.
Perhaps there is somone who might know the answer.
I seem to remember DNS using both TCP and UDP. In your rules only TCP is present.
This sentence doesnât quite make sense to me. I am not sure why youâd be using port 443 or mullvad for DNSâŚ
EDIT:
It might help to go into more detail about what you are trying to accomplish. You should be able to add the outside DNS server to the DNS WebGUI (at https://ipfire.localdomain:444/cgi-bin/dns.cgi ) and things should work.
2 Mullvad DNS
The Swedish VPN company Mullvad offers a free public DNS resolver. It supports DNS over HTTPS and DNS over TLS. They also offer a resolver with ad protection and one without. The list of blocked domains for the DNS protection is maintained on GitHub.
Digitalcourage
Digitalcourage is a non-profit organization from Germany that operates a public DNS resolver. The resolver is hosted in Germany and supports DNS-over-TLS. The site that explains the service is only available in German language.
Dismail
Free DNS Resolver without user logging, no Marketing driven typo interception âŚ
Setting up IPFire DNS the right way. You are on a good way, if you use the recommended services mentioned in the wiki.
Struggling with the oddities of smartphone OSs. They sometimes resist to use the DNS (and NTP) server published in the DHCP answer. One possible solution is forcing to use the local IPFire servers. Topic âRedirect rulesâ.
The âignoranceâ of these OSs can be seen rather good, if you log the redirects. The devices try with high frequency to get in contact with their favourite server, until they give up and use the information got since the first request. That is my observation.