DNS Over TLS behind cloudflare


I was not able to find the answer to my question anywhere, therefore I will try asking here.

So, I am self-hosting my own DNS over TLS in my home network using adguard home.

I have my domain in Cloudflare pointing to my reverse proxy. That is behind an OPNsense machine.

I have all my subdomains proxied in Cloudflare, and I am allowing only Cloudflare IPs and some other IPs I need access to in my port forwarding rules.

So when I have the domain unproxied in the Cloudflare DNS settings, I can connect to my DoT server using my Android device. But when I proxy the domain, I can't connect anymore.

I don't understand why, since I have enabled Cloudflare IPs to have access to the port forwarding rule.
Has anyone done something similar to this and have it working? Thank you.

A :orange: record only supports forwarding specific ports. The DoT port is not one of them.

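A quick way to confirm this answer from the client side is to open a TLS session to the DoT port yourself and send one real query, rather than relying on what the Android private-DNS setting reports. The script below is an added example, not code from the thread or from AdGuard Home; it assumes a DoT endpoint that presents a certificate chaining to a CA in the system store, and the server hostname on the command line is a placeholder. Run it once against the DNS-only (grey-cloud) record and once against the proxied (orange-cloud) record: the first should return an answer, the second should fail at the TCP or TLS stage because the proxy does not accept port 853.

```python
"""DoT reachability check: one DNS query over TLS on TCP 853 (RFC 7858).

Added example; not from the original thread. Assumes the DoT server's
certificate validates against the system CA store and matches the hostname.
"""
import socket
import ssl
import struct

DOT_PORT = 853        # RFC 7858: DNS over TLS listens on TCP 853
QTYPE_A = 1
QCLASS_IN = 1


def build_query(name: str, qtype: int = QTYPE_A, txid: int = 0x1234) -> bytes:
    """Build a minimal DNS query: header with RD set, one question, no EDNS."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack(">HH", qtype, QCLASS_IN)


def frame_dot(msg: bytes) -> bytes:
    """DoT reuses DNS-over-TCP framing: a 2-byte big-endian length prefix."""
    return struct.pack(">H", len(msg)) + msg


def _read_name(msg: bytes, off: int):
    """Decode a (possibly compressed) domain name; return (name, offset after it)."""
    labels, jumped, end = [], False, off
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:          # compression pointer (RFC 1035 4.1.4)
            if not jumped:
                end = off + 2
            off = ((length & 0x3F) << 8) | msg[off + 1]
            jumped = True
            continue
        if length == 0:
            if not jumped:
                end = off + 1
            break
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length
    return ".".join(labels), end


def parse_response(msg: bytes, expected_txid: int) -> dict:
    """Parse the header, skip the question section, collect A-record answers."""
    txid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        _, off = _read_name(msg, off)
        off += 4                              # QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        _, off = _read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == QTYPE_A and rclass == QCLASS_IN and rdlen == 4:
            addrs.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return {
        "txid_ok": txid == expected_txid,     # reject answers to someone else's query
        "is_response": bool(flags & 0x8000),
        "rcode": flags & 0x000F,              # 0 = NOERROR
        "addresses": addrs,
    }


def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before the full DNS message arrived")
        buf += chunk
    return buf


def dot_query(server: str, name: str, port: int = DOT_PORT, timeout: float = 5.0) -> dict:
    """TLS-connect to server:port (cert verified, SNI = server), send one query, parse the reply."""
    ctx = ssl.create_default_context()
    with socket.create_connection((server, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=server) as tls:
            tls.sendall(frame_dot(build_query(name, txid=0x1234)))
            (length,) = struct.unpack(">H", _recv_exact(tls, 2))
            return parse_response(_recv_exact(tls, length), expected_txid=0x1234)


if __name__ == "__main__":
    import sys
    # usage: python dot_check.py <dot-server-hostname> <name-to-resolve>
    # e.g.   python dot_check.py dot.example.invalid example.com   (placeholder hostname)
    print(dot_query(sys.argv[1], sys.argv[2]))
```

Against the proxied record, `socket.create_connection` will typically time out or be refused before any TLS handshake happens; if a handshake did succeed there, the certificate would be Cloudflare's edge certificate rather than the one AdGuard Home serves, which is a second sign that the traffic is not reaching the home server.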


In the end the answer was simple and easy to find… Thank you for pointing me in the right direction.
So basically without the Enterprise plan, I can't proxy this domain.


For an arbitrary TCP port not already supported by Spectrum on a lower-use plan (which is the case here), that is correct.
