I would like to use Mullvad’s public DNS. I added 194.242.2.3 as a permitted outgoing connection in my disposable sys-firewall’s firewall rules, but now none of the websites I try to visit will load. Any help is appreciated. Thank you.
I see, thank you. Does this mean I can only use their encrypted DNS service via Firefox? They have instructions on using DNS over TLS in Android, but I assume this is not applicable to Qubes? Adding adblock.doh.mullvad.net to my firewall rules also prevents any websites from loading.
If you’re using Mullvad’s paid VPN service, then you can just tunnel your DNS traffic to their servers which will query DNS requests directly, which is what I do. You don’t need to rely on Mullvad’s tutorials to set up DNS over TLS or HTTPS, but they’re a good complement to whatever you can find with an internet search (or Qubes forum search).
Try checking systemctl status qubes-firewall in your firewall VM whenever this happens. Adding a URL to a qube’s firewall rules can result in qubes-firewall entering a failed state if the URL is not resolved to an IP address. For this reason, I try to avoid this problem by using IPs whenever possible. Whenever I’m forced to use a URL (load balancing, etc…) I keep a close eye on qubes-firewall for a while. I also create specialized VMs so that a quiet failure of qubes-firewall doesn’t impact other traffic.
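The check described in the post above can be scripted. This is an added example, not code from the thread or from the Qubes project. It is meant to run inside the firewall VM with the destinations from a qube's firewall rules as arguments; the function names and the script name are made up for illustration.

```sh
#!/bin/sh
# Added example; run inside the firewall VM (e.g. sys-firewall).
# Usage: sh check-fw-dst.sh DEST [DEST ...]   (script name is hypothetical)
# DEST values are the destinations used in a qube's firewall rules.

# Succeeds if $1 has the shape of an IPv4 address/subnet or an IPv6 literal.
# This is a shape check only; it does not validate octet ranges.
is_ip_literal() {
    case "$1" in
        *:*) return 0 ;;
    esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# Prints "ip", "resolves" or "unresolved" for one rule destination.
classify_dst() {
    if is_ip_literal "$1"; then
        echo ip
    elif getent ahosts "$1" >/dev/null 2>&1; then
        echo resolves
    else
        echo unresolved
    fi
}

# Prints the unit state reported by systemd, or "unknown".
firewall_state() {
    state=$(systemctl is-active qubes-firewall 2>/dev/null) || true
    echo "${state:-unknown}"
}

# Reports every destination plus the service state; non-zero exit if a
# hostname does not resolve or the unit is in the failed state.
main() {
    rc=0
    for dst in "$@"; do
        kind=$(classify_dst "$dst")
        printf '%-40s %s\n' "$dst" "$kind"
        [ "$kind" = unresolved ] && rc=1
    done
    state=$(firewall_state)
    echo "qubes-firewall: $state"
    [ "$state" = failed ] && rc=1
    return "$rc"
}

if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

For example, `sh check-fw-dst.sh 194.242.2.3 adblock.doh.mullvad.net` reports the first destination as `ip` and shows whether the second currently resolves from the firewall VM.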
Thank you! This is all very helpful.