NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
how to setup secure dns
I cannot find a way to get my RS700 router to use
secure DNS? any ideas?
8 Replies
The RS700 User Manual does not mention secure DNS. It is also not mentioned in any of the firmware release notes.
One would think that providing this feature would be significant enough that it would be mentioned somewhere.
If you have looked at the Internet setup page and every one of the Advanced Settings pages and not found it, my guess is that the RS700 does not provide this feature.
There are web browsers that can be set to ignore the DNS servers provided in the DHCP information and use HTTPS instead.
https://en.wikipedia.org/wiki/DNS_over_HTTPS
There are posts on the internet claiming that some consumer routers have DoH as a feature (or even the default), such as:
https://forums.tomshardware.com/threads/wireless-routers-that-natively-support-dns-over-doh.3851440/
The Netgear RS700 came out after that article was published.
One would think that providing this feature would be significant enough that it would be mentioned somewhere.
I agree.
There are web browsers that can be set to ignore the DNS servers provided in the DHCP information and use HTTPS instead.
Chrome, Edge, and Firefox all can do this.
Most VPN services also automatically override the OS DNS settings when they are in use.
Are you just wanting to use a 3rd party DNS? If so, thats pretty easy.
Log in through the browser and go to the internet tab. That's where you'll find the default DNS settings that you can change to whatever you prefer. If you use IPv6 (and your isp supports it), you'll also want to change it for IPv6 too.
Can review if OpenDNS or NextDNS has any options for you.
The entire point of secure DNS is to encrypt the transmission between user and the DNS service. Because ordinary DNS queries and responses are not encrypted, they are vulnerable to being observed at any point in the network between the user and the DNS service. This is why web browsers are so paranoid about warning users to avoid web sites that are not encrypted. No matter which DNS provider is set in the router configuration, the DNS communication is still not encrypted.
Only by reprogramming the DNS process can this process be made secure.
I"I am writing to express my surprise that secure DNS is not yet a standard feature in your latest firmware updates. Given Netgear’s position as a market leader and the premium price point of your hardware, I would expect modern security protocols like DoH or DoT to be available by default. A firmware update to address this would be the most logical and straightforward solution for your users who value privacy."
"As a user of high-end Netgear hardware, I’m disappointed by the lack of native support for secure DNS. For a brand that positions itself at the forefront of networking technology, this is a glaring omission. Implementing this via a firmware update is a simple, necessary step for modern network security. Why isn't this a standard feature on your premium devices yet?"
Netgear Armor doesn't work with encrypted DNS and hence the lack of encrypted DNS support.
