Skip to content

Instantly share code, notes, and snippets.

@krcm0209

krcm0209/README.md

Last active October 31, 2024 19:06
Show Gist options
  • Save krcm0209/2d8ceb00ebf5b6113d920b8120913c02 to your computer and use it in GitHub Desktop.
Save krcm0209/2d8ceb00ebf5b6113d920b8120913c02 to your computer and use it in GitHub Desktop.
Download ZIP
Using AdGuard DNS over HTTPS (DoH) on Windows 11
Raw
README.md

Why

You may want to use AdGuard's DNS over HTTPS1 service if you

  1. Want to make it harder for your ISP to know what websites you are requesting
  2. Want to block most traditional ads from your web browsing experience across your entire PC

Setup instructions

  1. Open PowerShell Step 1
  2. Add the primary and secondary AdGuard DNS IPv4 and IPv6 addresses2 
    netsh dns add encryption server=94.140.14.14 dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no
netsh dns add encryption server=94.140.15.15 dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no
netsh dns add encryption server=2a10:50c0::ad1:ff dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no
netsh dns add encryption server=2a10:50c0::ad2:ff dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no
  3. Verify addition of DNS options netsh dns show encryption 
    Encryption settings for 94.140.15.15
----------------------------------------------------------------------
DNS-over-HTTPS template     : https://dns.adguard.com/dns-query
Auto-upgrade                : yes
UDP-fallback                : no

Encryption settings for 94.140.14.14
----------------------------------------------------------------------
DNS-over-HTTPS template     : https://dns.adguard.com/dns-query
Auto-upgrade                : yes
UDP-fallback                : no

Encryption settings for 2a10:50c0::ad1:ff
----------------------------------------------------------------------
DNS-over-HTTPS template     : https://dns.adguard.com/dns-query
Auto-upgrade                : yes
UDP-fallback                : no

Encryption settings for 2a10:50c0::ad2:ff
----------------------------------------------------------------------
DNS-over-HTTPS template     : https://dns.adguard.com/dns-query
Auto-upgrade                : yes
UDP-fallback                : no
    • If you don't see the new DNS options, you may need to run PowerShell with administrator priviledges
  4. Open Settings > Network & internet > Wi-Fi > Hardware properties Step 4
  5. Click the "Edit" button in the DNS servers block Step 5
  6. Change the dropdown setting from "Automatic (DHCP)" to "Manual" Step 6
  7. Ensure both IPv4 and IPv6 are toggled on Step 7
  8. Under IPv4, enter 94.140.14.14 for the Preferred DNS, and 94.140.15.15 for the Alternate DNS Step 8
  9. Under IPv6, enter 2a10:50c0::ad1:ff for the Preferred DNS, and 2a10:50c0::ad2:ff for the Alternate DNS Step 9
  10. Ensure all of the DNS encryption dropdowns are set to "Encrypted only (DNS over HTTPS)" Step 10
  11. Click "Save" Step 11

Footnotes

  1. https://en.wikipedia.org/wiki/DNS_over_HTTPS

  2. https://kb.adguard.com/en/general/dns-providers#adguard-dns

@katastrophe92
Copy link

Hello y'all. Here is as 1 command instead of doing it one by one. Run as administrator PowerShell or CMD.
netsh dns add encryption server=94.140.14.14 dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no && netsh dns add encryption server=94.140.15.15 dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no && netsh dns add encryption server=2a10:50c0::ad1:ff dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no && netsh dns add encryption server=2a10:50c0::ad2:ff dohtemplate=https://dns.adguard.com/dns-query autoupgrade=yes udpfallback=no

@yecarrillo
Copy link

yecarrillo commented May 5, 2024
edited
Loading

This can be done with PowerShell commands exclusively.

Get-DnsClientDohServerAddress
Add-DnsClientDohServerAddress -ServerAddress '94.140.14.14' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress '94.140.15.15' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress '2a10:50c0::ad1:ff' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress '2a10:50c0::ad2:ff' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Get-DnsClientDohServerAddress

Set-DnsClientServerAddress -InterfaceAlias "Wi-fi" -ResetServerAddresses
Set-DnsClientServerAddress -InterfaceAlias "Wi-fi" -ServerAddresses ("94.140.14.14","94.140.15.15")
Set-DnsClientServerAddress -InterfaceAlias "Wi-fi" –ServerAddresses ("2a10:50c0::ad1:ff","2a10:50c0::ad2:ff")

Invoke-Expression "New-Item -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh\94.140.14.14' -Force"
Invoke-Expression "New-ItemProperty -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh\94.140.14.14' -Name 'DohFlags' -Value 1 -PropertyType QWORD -Force"
Invoke-Expression "New-Item -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh\94.140.15.15' -Force"
Invoke-Expression "New-ItemProperty -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh\94.140.15.15' -Name 'DohFlags' -Value 1 -PropertyType QWORD -Force"

Invoke-Expression "New-Item -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh6\2a10:50c0::ad1:ff' -Force"
Invoke-Expression "New-ItemProperty -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh6\2a10:50c0::ad1:ff' -Name 'DohFlags' -Value 1 -PropertyType QWORD -Force"
Invoke-Expression "New-Item -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh6\2a10:50c0::ad2:ff' -Force"
Invoke-Expression "New-ItemProperty -Path 'Registry::HKLM:\System\CurrentControlSet\Services\Dnscache\InterfaceSpecificParameters\$((Get-Netadapter -Name 'Wi-Fi').InterfaceGuid.ToLower())\DohInterfaceSettings\Doh6\2a10:50c0::ad2:ff' -Name 'DohFlags' -Value 1 -PropertyType QWORD -Force"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment