kdanb.blogg.se

Tailscale opnsense








Sharing public domain with Tailscale and Internal Network with One-To-One NAT using OPNSense - Prabir's Blog

With Tailscale acting like a secure VPN, it is easy to access your home devices from anywhere as long as you are connected to the internet. But since the Tailscale network gives a device a different IP than the local network (LAN/Wi-Fi), we now have to connect using either the Tailscale IP or the local network IP, depending on whether the Tailscale VPN is connected. Matters are made worse by not being able to install Tailscale on some devices such as TVs or IoT devices, which means we can only use the LAN IP on TVs. Most apps use iCloud Sync, which synchronizes settings across iOS devices, including an Apple TV that may not have Tailscale installed. Since I have multiple devices and it is easier to configure using an iPhone/iPad, I prefer to have iCloud sync.

While we could install Tailscale on the OPNSense router, I would like to avoid this so that each device has to manually install and authenticate to Tailscale, using the person's identity.

In order to solve this I wanted to use a public domain, so that no matter which network I'm on, it always gets me the correct IP.

With more browsers, software and devices adopting DNS over HTTPS (DoH) or DNS over TLS (DoT), it is now harder to override the DNS configuration using a custom DNS server via port 53. You could get around DoT by blocking port 853, but it is almost impossible to block DoH since it uses the SSL port 443, unless you go and block all common DoH IPs.

Here is a screenshot of Firefox using Cloudflare's DoH in a default installation, which can be viewed by opening about:networking#dns.

Here is a screenshot of the iPhone's default DNS options when connecting via Wi-Fi.








