[Fresh 2019.2] ESNI and "insecure reply from..."

Discussion in 'Tomato Firmware' started by srouquette, Jun 2, 2019.

  1. srouquette

    srouquette Network Guru Member


    I was testing this page: https://www.cloudflare.com/ssl/encrypted-sni/

    and dnsmasq logs this when I run the test:
    "daemon.warn dnsmasq[5368]: Insecure DS reply received from is-dot.cloudflareresolve.com.cdn.cloudflare.net"

    Do you know what this means?

    ESNI test fails (I enabled the config in firefox, but not TRR), and "Secured DNS" is orange, I assume this may be due to the DNS being the router.
  2. pedro311

    pedro311 Addicted to LI Member

    Check thread about FreshTomato (mips or arm - don't remember now).
    There is a nice explanation by @RMerlin what is wrong with CF checker.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice