I am running GL-MV1000W as my main router. I have activated AdGuard Home to avoid ads and reduce outbound traffic. In addition, I wanted to activate DNS over TLS to minimize the amount of data my ISP is able to collect. However, these two setting (AdGuard and DNS over TLS) appear to not go well together; I am unable to activate DNS over TLS (“Before turning on this feature, please turn off other DNS settings.”)
Is there a way to activate DNS over TLS without deactivating AdGuard Home?
More generally, what settings do you recommend to keep my internet traffic as private as possible without using a VPN (and while keeping AdGuard Home activated).
The solution should be one of the answers before. But why?
AdGuard is analysing the DNS requests and block them if matching a ruleset.
DNS over TLS is encrypting the DNS request end-to-end.
And here is the problem. When DNS over TLS is enabled, the DNS request should be encrypted from your client to the DNS Server. Your provider can’t see your DNS requests, but also AdGuard is not able to anaylse it.
So, you’ll need to break the encryption between the client, AdGuard and the resolver. As mentioned before, The communication Client-to-adGuard needs to be plain and AdGuard needs to support DNS over TLS, do the encryption and set the upstream Server … But any attacker within your network could be able to sniff your requests.
what does that mean, you cant use dns over tls / https if you use adguard home? isnt adguard home using dns over tls already to connect to the adguard dns servers?