Force Cloudflare DNS over TLS through Wireguard VPN Interface

Hello,

I have an AR300M device and have configured the Wireguard VPN Client to connect to a Wireguard Server I have setup on an EC2 Instance in AWS. All working great.

However, I’ve noticed that when DNS over TLS from Cloudflare is toggled on, my DNS requests don’t seem to go through the Wireguard VPN. Captures on the Wireguard Server show no traffic for port 53, port 853 or either 1.1.1.1 or 1.0.0.1. This indicates that the DNS traffic is leaving my home network directly to go to Cloudflare’s Servers rather than being routed through the Wireguard VPN. Any suggestions for how I ensure that the DNS over TLS from Cloudflare requests go down the Wireguard VPN tunnel and pop out of the Server in AWS please?

Many thanks in advance.

You should set up DNS over TLS on your server side, then in your WG DNS settings point to your server.
Turning on DNS over TLS on the router when using WG has no effect.
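A small offline check for the routing point made in the reply above, as an added example that is not from this thread: it parses a constructed wg-quick style client config and flags any DNS server whose address is not inside the peer's AllowedIPs, since such a resolver is reached over the normal default route and its queries (plain port 53 or DoT on 853) never enter the tunnel. The 10.8.0.0/24 tunnel network, the server's tunnel address 10.8.0.1 and the DNS-over-TLS forwarder assumed to run there are constructed assumptions.

```python
import ipaddress
from typing import Dict, List

# Constructed example wg-quick client config (not from the original post).
# Split tunnel: only 10.8.0.0/24 is routed via the WireGuard interface, yet
# DNS still points at Cloudflare, so resolver traffic bypasses the tunnel.
LEAKY_CONF = """
[Interface]
PrivateKey = <redacted>
Address = 10.8.0.2/24
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = <redacted>
Endpoint = vpn.example.net:51820
AllowedIPs = 10.8.0.0/24
"""

# Corrected variant: DNS points at the server's tunnel address (assumed to run
# a DNS-over-TLS forwarder), which AllowedIPs already covers.
FIXED_CONF = LEAKY_CONF.replace("DNS = 1.1.1.1, 1.0.0.1", "DNS = 10.8.0.1")


def parse_wg_conf(text: str) -> Dict[str, List[str]]:
    """Collect the DNS and AllowedIPs values from a wg-quick style config."""
    found: Dict[str, List[str]] = {"DNS": [], "AllowedIPs": []}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        key, sep, value = line.partition("=")
        if sep and key.strip() in found:
            found[key.strip()].extend(v.strip() for v in value.split(",") if v.strip())
    return found


def leaking_resolvers(text: str) -> List[str]:
    """Return DNS servers that no AllowedIPs prefix covers.

    A resolver outside AllowedIPs is reached over the default route, so its
    queries (port 53 or DoT on 853) leave the network outside the tunnel."""
    conf = parse_wg_conf(text)
    nets = [ipaddress.ip_network(n, strict=False) for n in conf["AllowedIPs"]]
    leaks: List[str] = []
    for server in conf["DNS"]:
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            continue                                  # DNS search domain, not an address
        if not any(addr in n for n in nets):
            leaks.append(server)
    return leaks


if __name__ == "__main__":
    print("leaky config:", leaking_resolvers(LEAKY_CONF))   # ['1.1.1.1', '1.0.0.1']
    print("fixed config:", leaking_resolvers(FIXED_CONF))   # []
```

A resolver covered by AllowedIPs only guarantees the route; confirming that port 853 traffic actually arrives on the server's tunnel interface, as the original poster did with a capture, remains the end-to-end check.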