!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
12

!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-16 06:22:34 - last edited 2021-11-23 09:25:19
Model: Deco M5  
Hardware Version: V1
Firmware Version: Latest

To all Deco Owners,

 

please note TPLINK doesn't support DOT(DNS over TLS) or DOH(DNS over HTTPS) on any of their Deco devices and has so far refused to provide an explanation. 
 

Without encrypted DNS, ISP and local network devices can read which websites you visit (not necessarily what u do on those websites).


@Kevin: do kindly let us know when this feature will be included with the beta firmware currently released. 


 

 

  1      
  1      
#1
Options
1 Accepted Solution
[Solution] iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco-Solution
2021-11-11 07:44:50 - last edited 2021-11-23 09:24:53

@re1neke 

HI, All

Please refer to this link for more suggestions:

[Solution] Privacy warning-this network is blocking encrypted DNS

Recommended Solution
  0  
  0  
#12
Options
11 Reply
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-16 09:16:35 - last edited 2020-10-16 09:17:50

@WadeWilson 

 

Hello, thanks for your kind reminding.

 

Can you please update your Deco M5 to the latest firmware version first, then reconnect to the Wi-Fi again to see if this warning disappears?

 

BTW, where did you get this Privacy warning on your iOS14? We tested with an iOS 14.0.1 and we cannot find this warning. Can I have the model of your iPhone and its version?

 

  0  
  0  
#2
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-16 11:33:26

@TP-Link_Deco 

 

I have updated to the latest version for my Deco M5 model EU V1 : 1.4.7

 

Secondly, the screenshot was taken on an iPhone 6S running iOS 14.0.1. Here is a below diagnostic message from cloudflare DNS:

 

 

With my ipv4 & ipv6 resolvers set to Cloudflare, both DoH & DoT are not available on any devices on my Deco network.

  0  
  0  
#3
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-19 01:31:46

@WadeWilson 

 

Hi, thanks for the update.

 

While 1.4.7 is not the latest firmware version for the Deco M5, you need to update to the newer 1.4.9 version, please check and confirm.

 

BTW, can you please confirm again where is the below screenshot from? Is it taken on your iOS 14.0.1 or somewhere else? Thanks.

 

  0  
  0  
#4
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-19 05:34:20

@TP-Link_Deco 

 

hi,

 

1) when I click update in the deco app, it says I am updated to the latest version. Attaching firmware screenshot. Do let me know if I have to download a new update from another source?

 

 

2) I am confirming that in iOS 14.0.1 on an iPhone 6S, I am seeing that new privacy error.

 could you kindly confirm if the Deco will have support for DoH & DoT encrypted DNS?

  0  
  0  
#5
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-19 06:39:06

@WadeWilson 

 

Hi, thanks again for your reply. Generally, whether it supports the DoH & DoT encrypted DNS may depend on the client device but not decided by the Deco network.

 

When you try to access the https://1.1.1.1/help, are both the IPv6 and IPv4 connection good? 

 

What if you connect your PC to your front-end modem directly, will both the DoH and DoT encrypted DNS show Yes? Or you may test with another router if possible.

 

Thanks~

  0  
  0  
#6
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2020-10-19 11:41:19

@TP-Link_Deco 

 

hi,

 

when trying to access 1.1.1.1/help - yes both ipv4 and ipv6 are configured and working.

 

none of the clients were able to use DoH or DoT by default on the Deco network - I had to install profiles on the iOS devices and force Chrome flags on my desktop to turn on DoH protocol. This still leaves room for monitoring on other client devices.

 

Cloudflare has highlighted in their support document that a portforward of the users DNS resolvers (in this case 1.1.1.1 & 1.0.0.1) to port 853, would be able to cover all devices on the network with DoT protocol as seen below: 

 

forward-zone:
  name: "."
  forward-addr: 1.1.1.1@853                   
  forward-addr: 1.0.0.1@853                             
  forward-addr: 2606:4700:4700::1111@853
  forward-addr: 2606:4700:4700::1001@853
  forward-ssl-upstream: yes   

 

 

Could we hope for a feature like this in an upcoming update?

 

  0  
  0  
#7
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2021-02-26 12:36:18

Hey! DoH is becoming a standard. No support yet?

  1  
  1  
#8
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2021-02-28 16:04:22

Agreed!  When will this be implemented?  DoH is a critical feature that's available on most of your competitors' latest devices.

  0  
  0  
#9
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2021-04-01 21:05:18

Any update on this please?  I have the X60 and have the same issue.

  1  
  1  
#10
Options
Re:!! iOS 14 PRIVACY WARNING !! Encrypted DNS not supported by Deco
2021-11-10 15:18:49

The same with Archer AX50 v1.0, firmware 1.0.11 Build 20210730 rel.54485(4555)

  0  
  0  
#11
Options