DNS over TLS Failing with Quad9 using Unbound

  • So I'm using and I can telnet to the address when logged into the firewall and can also grab the certs using openssl. So it's not getting blocked anywhere to my knowledge. I didn't see anything in the firewall rules either.

    My configuration
    General Settings DNS Servers:


    I had Disable DNS Forwarder turned both on and off and it had no effect on unbound's inability to resolve an address over TLS.

    Unbound Configuration

    • Enable DNS Resolver: Checked
    • Respond to incoming SSL/TLS queries from local clients (this won't happen, but I turned it on)
    • SSL/TLS Cert: webConfigurator
    • Network Interfaces: All
    • Outgoing Network Interfaces: WAN
    • System Domain Local Zone Type: Transparent
    • DNSSEC: Checked
    • DNS Query Forwarding: Checked
    • Use SSL/TLS for outgoing DNS Queries to Forwarding Servers: Checked (This breaks things)
    • DHCP Registration: Checked

    Custom (not sure this is needed anymore with the UI Setting):
    log-replies: yes
    name: "."
    forward-ssl-upstream: yes

    What should I be looking for to fix this issue?
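
An added example, not part of the original post and not code from Unbound or pfSense: a small linter for the forwarding part of an unbound.conf fragment that checks the settings DNS over TLS to an upstream resolver depends on (clause placement, port, certificate name, CA bundle). The sample configs are constructed, and the Quad9 address 9.9.9.9, the auth name dns.quad9.net and the CA bundle path are assumptions that do not come from the post.

```python
import re

TLS_KEYS = ("forward-tls-upstream", "forward-ssl-upstream")  # second is the older alias
ZONE_KEYS = ("name", "forward-addr") + TLS_KEYS

def parse_clauses(text):
    """Return [(clause, {key: [values]})]; '#' starts a comment only after whitespace."""
    clauses = [("(none)", {})]  # index 0 collects attributes seen before any clause
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*", "", raw).strip()
        m = re.match(r"([a-z0-9-]+):\s*(.*)$", line)
        if m and m.group(2) == "":
            clauses.append((m.group(1), {}))  # clause header such as "server:"
        elif m:
            clauses[-1][1].setdefault(m.group(1), []).append(m.group(2).strip('"'))
    return clauses

def lint_dot_forwarding(text):
    """List problems with DNS-over-TLS forwarding in an unbound.conf fragment."""
    clauses, findings = parse_clauses(text), []
    for clause, attrs in clauses:
        if clause in ("(none)", "server"):
            findings += [f"{k}: not inside a forward-zone: clause" for k in ZONE_KEYS if k in attrs]
        if clause != "forward-zone" or not any(attrs.get(k, ["no"])[-1] == "yes" for k in TLS_KEYS):
            continue
        for addr in attrs.get("forward-addr", []):
            ip, port, auth = re.match(r"([^@#]+)(?:@(\d+))?(?:#(.+))?$", addr).groups()
            if port != "853":
                findings.append(f"{ip}: port {port or 'not given'}, expected @853")
            if auth is None:
                findings.append(f"{ip}: no #auth-name, certificate name is not checked")
        if not any("tls-cert-bundle" in a for c, a in clauses if c == "server"):
            findings.append("server: no tls-cert-bundle to validate upstream certificates")
    return findings

# Constructed samples (not the poster's configuration).
WEAK = """forward-zone:
    name: "."
    forward-ssl-upstream: yes
    forward-addr: 9.9.9.9
"""
FIXED = """server:
    tls-cert-bundle: "/etc/ssl/cert.pem"  # assumed CA bundle path
forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 9.9.9.9@853#dns.quad9.net
"""
if __name__ == "__main__":
    print(lint_dot_forwarding(WEAK), lint_dot_forwarding(FIXED))
```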
