It's not working

[llamafilm]

Thanks for sharing these configs, this is a great idea. Unfortunately it's not working for me. I installed the Cloudflare config and accepted in in system settings. But all of my DNS queries are still going to my router on port 53 as usual. Is there some additional step I missed? I'm on Ventura 13.2.1. I've tried browsing in Safari and also command line host and dig.

[paulmillr]

🤷‍♂️

[jorritfolmer]

This could be related to #13. You seem to be running MacOS and possibly Little Snitch. You may find that the Cloudflare profile is disabled and cannot be enabled in System Settings -> Network -> Filters while Little Snitch is enabled.

[kansal15]

On M1 chip, with macOS Ventura 13.4.1 version , DoT (with profile) is not working even without Little Snitch.

[ztheory]

@llamafilm dig will not send DNS encrypted, but I'm not sure about 'host'; dig uses plaintext only, but still should use the servers specified in the .mobileconfig profile. You'll need to generate traffic using a web browser or other apps to validate.

If you're using a VPN, try disabling that to see if it makes a difference

If you're using iCloud Private Relay, try disabling that to see if it makes a difference.

[kansal15]

On M1 chip, with macOS Ventura 13.4.1 version , DoT (with profile) is not working even without Little Snitch.

In my case, Cisco AnyConnect was not allowing mobileconfig to work. After un-installing Anyconnect, profile starts working normally. Thanks.