my hungarian ISP DIGI blocks both 1.1.1.1 and 1.0.0.1 
I could probably never be able to use Cloudflare DNS
I could probably never be able to use Cloudflare DNS
DNS threat-blocking comparison: 8 DNS services
- Thread starter Evjl's Rain
- Start date
- Status
- Feb 24, 2017
- 1,661
i would have tried if i werent running Heimdal but i guess its too late nowmy hungarian ISP DIGI blocks both 1.1.1.1 and 1.0.0.1
I could probably never be able to use Cloudflare DNS
Looks like user error, I've never heard of such issues and I think a good number of people on the forum use it. Maybe they can help you. Also, keep in mind, the GUI is rarely seen by end users, it's for enterprise and the configuration takes place on the Fortigate/EMS and is pushed to the clients. Also, most of us make adjustments in the CONF file, not in the GUI and in the CONF you have flexibility enough to practically re-design how the entire product works.
- Feb 24, 2017
- 1,661
that UI bug is not user error, you literally can't change those categories at all.
- Nov 10, 2017
- 3,250
my hungarian ISP DIGI blocks both 1.1.1.1 and 1.0.0.1
I could probably never be able to use Cloudflare DNS
You can use VPN then..
why? in order to use just a DNS?
VPN usually slows down the internet speed a bit despite the fastest VPN in our regions and it does cost some money
even if I use a slow DNS, it's still faster or the same as using under the fastest VPN with the fastest DNS
In my region, google DNS is even faster than my ISP's DNS so I will stick to Google DNS if I want speed. Privacy is not a problem for me
- Jul 14, 2015
- 773
How do they block it ? with things on your router level ?my hungarian ISP DIGI blocks both 1.1.1.1 and 1.0.0.1
I could probably never be able to use Cloudflare DNS
Have you try to set 1.1.1.1 in your computer system (in options ipv4 and ipv6 that should work No ?)
yes I did try but nothing could be loaded even google.com or malwaretips.com
I also tried to ping it but it got "destination host unreachable
I think it's at ISP level because I don't change anything in my router
So, which AVs don't check encrypted traffic currently if use DNS over TLS?I found out that my stupid At&t DSL/Fiber Gateways blocks the IP 1.1.1.1. If you are not able to resolve addresses, use 1.0.0.1 instead for Cloudfare.
Beware if you use DNS over TLS your local Hosts file and your AV won't kick in to block phishing/adware/malware domains because they are not programmed to check traffic over other ports, much less encrypted traffic.
Thanks
- Jul 1, 2017
- 1,396
Emsisoft Anti-Malware. Mostly because DNS over TLS uses a different port than 53 so it flies straight under the radar of everything. The pro is faster resolution I guess....
DNS over TLS also breaks Windows 10 Store too.
- Jan 5, 2018
- 163
I run only the web filtering module and honestly it was easy to set up all the things I wanted to block and I never touch it now.
I've had none of the problems you've mentioned. Very strange.
- Nov 10, 2017
- 3,250
No man you use VPN to visit the site what you want to see and change the DNS then stop using VPN....
- Feb 24, 2017
- 1,661
so you're saying you can't replicate what i showed in the webm?I run only the web filtering module and honestly it was easy to set up all the things I wanted to block and I never touch it now.
I've had none of the problems you've mentioned. Very strange.
- Jan 5, 2018
- 163
Yes. When I change those settings they stick and don't change back like it shows in your webm.
- Feb 24, 2017
- 1,661
- Feb 24, 2017
- 1,661
I have changed my DNS to 1.1.1.1 and secondary to 1.0.0.1 and it works just fine
- Feb 24, 2017
- 1,661
alright so i reinstalled it, the issue still exists, but after backing up the config, editing it and restoring, it works.
it's a UI bug for sure.
ps: after restoring an edited config file, the UI showed correctly, then after closing it and opening it again, the UI is back to showing wrong things, but Forticlient is behaving based on the config restored and not based on the UI.
well I can live with this.
Last edited:
- Status
Similar threads
