This guide will talk you through how to configure pfSense to use the Cloudflare DNS Service and enabling DNS over SSL/TLS which is one of the key features - effectively making your DNS queries secure. A lot of ISP's record and/or intercept DNS traffic as a form of tracking for either advertising purposes, or complying with legal surveillance methods which seem to be creeping up all over the place. Surprisingly, it's really easy to setup but no one really made an easy guide to follow before so here goes: Configuring pfSense to use Cloudflare DNS: To do this, go to System > General Setup Once there, set the DNS servers like so (1.1.1.1 and 1.0.0.1): Done! Simple as that. Next step, we need to enable the DNS Resolver to use the Cloudflare DNS servers as an upstream provider, as well as enable DNS over TLS. This can be done in Services > DNS Resolver Once there, tick these three boxes, Enable DNSSEC Support, Enable Forwarding Mode and Use SSL/TLS for outgoing DNS queries to forwarding services: Save and reboot, and you are all set! One note to remember, in some configurations you could find the DNS Resolver is turned off and you are using DNS Forwarder instead. In those, for ease I'd recommend turning off Forwarder and enabling Resolver and then making the changes like described. This was done on pfSense 2.4.4 - however I'm sure the settings layout will not change drastically in newer versions anytime soon. While you are here, why not check out my other pfSense Guides? pfSense: Guide to Fix Nintendo Switch 2618-0516 Unable to Connect to others console / NAT traversal pfSense: Nintendo Wii U Online Fix (118-0519 - Unable Connect to Partner's Device) pfSense: Step by Step Guide to Multiple Xbox One's Open NAT + Play Together (2.3.x)