Hello! Please forgive me if I am asking the wrong question or confusing an issue. I am running a Pepwave Surf SOHO MK3 at FW 8.0.0 build 1429. I’ve been reading a lot about DNS security, and indeed want to be sure my router is configured to maximize things in that department.
In the WAN Connection Settings for DNS Servers, I specify the Cloudflare servers at 1.1.1.1 & 1.0.0.1. When I run a test at Cloudflare Browser Check, the connection is reported as capable of DNSSEC, but not using DNS over TLS.
I would be interested in DNSSEC working from the Surf SOHO also. Currently, my solution is to run cloudflared on a Raspberry Pi and route all DNS traffic to it from the SOHO:
I would also like to see this feature on the SOHO and for that matter farther up the PepWave product line. I understand why customer’s cybersecurity teams may have issues with their intranet clients running DoH/DoTLS, but they would be well served to use it or other DNSSEC technology on their edge devices to hide their corporate DNS traffic from the peering eyes of their service providers.