Forum Discussion
Is there an ability specify to exclusions for DNS-over-HTTPs requests?
Setup:
Edge current branch
DNS over HTTPs is set up and working prooved by Edge Logging
Problem:
we have a webpage that is available from Public DNS but when opened from internal network it needs to resolve with internal AD DNS.
Examples / Usecases:
scenario 1:
User opens Edge
opens portal.contoso.com from external network
Portal.contoso.com resolves to the public DNS entry of contoso.com via DNS over HTTPS using Cloudflare or any other provider specified.
expected behaviour: as above (by design)
scenario 2:
User opens Edge
opens portal.contoso.com from internal network
Portal.contoso.com resolves to the public DNS entry of contoso.com via DNS over HTTPS using Cloudflare or any other provider specified.
expected behaviour: as above (by design)
required behaviour:
portal.contoso.com should resolve over local DNS (AD DNS)
Feature Request:
We need a GPO control to specify that portal.contoso.com should first resolve to local DNS (AD DNS).
Means a list object, json or csv in ADMX.
Afaik there is no ability to do so. Other products like Firefox is reportingly able to specify exclusions.
Are there other ideas how to solve this, or is this a FR that is already in milestone or backlog?
2 Replies
- Kelly_Y
Microsoft
kwester-ebbinghaus-business Hello! There are a couple of policies for DNS-over-HTTPS. Would these be able to help your scenario?
Thanks!
-Kelly
- Hello Kelly_Y we are actively using these ADMX as stated but so far it seems not to be possible to exclude certain addresses.
That's why I asked if this is something I missed in the docs or if we can please have these as a feature request.
The current workaround is to disable this feature for the usecase.
What do you think?
