I am trying to use Zero Trust DNS Firewall policies for Content filtering, but have hit a snag. When I set the network DNS with the Zero Trust DNS servers, I encounter the following:
If I leave DNS over HTTPS at the default level in Firefox or Chrome, filtering works, but many sites that use HSTS will not load, including Cloudflare’s *.testcategory.com sites. If I enable DoH with default settings (Cloudflare 1.1.1.1), HSTS works, but then nothing gets filtered. If I use the custom DNS over HTTPS address given to my location in Zero Trust (https://#########.cloudflare-gateway.com/dns-query), I cannot connect to any website at all.
Has anyone else encountered this? What can I do to get it working? I try pinging my #########.cloudflare-gateway.com address and get nothing.