How To: Cloudflare Gateway DNS over HTTPS

FYI, if you want to use Cloudflare Gateway DNS for DNS filtering at the router level, if your Pepwave device supports DNS over HTTPS (e.g., devices running firmware v8.3.0 or later), then you can configure it as follows:

Server: https://<YOUR_DOH_SUBDOMAIN>.cloudflare-gateway.com/dns-query
IP Address:
162.159.36.5
162.159.36.20

Note: DNS over HTTPS does NOT work, and no devices connected to the router can resolve DNS requests, if you use the Cloudflare Gateway IP addresses for old (non-DoH) DNS (172.64.36.1; 172.64.36.2), which is what I initially assumed I was supposed to do when following Cloudflare’s directions for configuring DoH for routers.

I have verified this setup works on my Balance 20X v8.3.0.

You can check whether you are using Secure DNS using Cloudflare’s testing tool at: https://one.one.one.one/help or at https://www.cloudflare.com/ssl/encrypted-sni/.
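To test the same hostname and IP pairing from a workstation, independently of the router, the following added example (not part of the original post) builds an RFC 8484 DoH GET request and a `curl` command that pins the Gateway hostname to one of the IP addresses above, then parses the reply. The subdomain value, the output file name and the sample reply are assumptions constructed for illustration.

```python
import base64, shlex, struct

# Values from the post; the subdomain is a placeholder for your own DoH subdomain.
DOH_HOST = "{sub}.cloudflare-gateway.com"
DOH_IPS = ("162.159.36.5", "162.159.36.20")

def build_query(name, qtype=1):
    """DNS wire-format query (ID 0 as RFC 8484 recommends, RD set, class IN)."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def curl_check(sub, ip, name="example.com", out="reply.bin"):
    """curl command that sends the query to the DoH host pinned to one IP."""
    host = DOH_HOST.format(sub=sub)
    dns = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=").decode()
    argv = ["curl", "-sS", "--resolve", f"{host}:443:{ip}",
            "-H", "accept: application/dns-message",
            "-o", out, f"https://{host}/dns-query?dns={dns}"]
    return " ".join(shlex.quote(a) for a in argv)

def _skip_name(msg, pos):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[pos]
        if n >= 0xC0:          # compression pointer: two bytes, name ends here
            return pos + 2
        if n == 0:             # root label terminates the name
            return pos + 1
        pos += 1 + n

def parse_reply(msg):
    """Return (rcode, [IPv4 answers]) from a DNS wire-format reply."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    pos = 12
    for _ in range(qd):
        pos = _skip_name(msg, pos) + 4            # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        pos = _skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:             # A record
            addrs.append(".".join(map(str, msg[pos:pos + 4])))
        pos += rdlen
    return flags & 0xF, addrs

# Constructed sample reply (not captured traffic): one A record, 192.0.2.1.
SAMPLE_REPLY = (struct.pack("!6H", 0, 0x8180, 1, 1, 0, 0) + build_query("example.com")[12:]
                + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1]))
```

Run the printed `curl` command once per IP address, then pass the bytes of `reply.bin` to `parse_reply`; an rcode of 0 with an answer list shows that the endpoint answers DoH on that address.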

Is it possible to set up NextDNS with DoH and executables on the Peplink B One? It does not appear to support it. There is code that is required to be input into the router in order for it to function (executables). Otherwise, no encryption. Are there plans to support this on the platform?

It should be straightforward and you need information from your NextDNS account. Below is a capture for your reference. { } means the value from your NextDNS setup.