UniFi

The UiFi router, commonly known as the Ubiquiti UniFi series, has a number of advantages that make it particularly suitable for home, business, and enterprise environments.

The newer UniFi firmware recently added support for DNS-over-HTTPS. UniFi refers to this feature as Encrypted DNS.

Configure DNS-over-HTTPS

Follow these instructions if your UniFi router supports DNS-over-HTTPS.

UiFi routers use a DNS Stamp URL to specify the DNS-over-HTTPS URL. This URL must be calculated using your private DNS-over-HTTPS URL.

Obtain the DNS-over-HTTPS URL that is used to calculate the DNS Stamp URL.

1. Go to the AdGuard DNS Private Dashboard.
2. Proceed to Encrypted DNS → Custom and enter the following DNS server settings:
   • Device type: 'Router'
   • Device brand: 'Unifi'
   • Device name: Use your Unifi device name
3. Click Next.
4. Scroll to Use DNS server addresses → DNS-over-HTTPS and take note of the DNS-over-HTTPS URL (e.g., https://d.adguard-dns.com/dns-query/123456abc).

Generate a DNS stamp using the DNSCrypt DNS Stamp Calculator and set it.

1. Protocol: DNS-over-HTTPS
2. Host name: d.adguard-dns.com
3. Path: /dns-query/123456abc (replace 123456abc with the value obtained from your AdGuard DNS Private Dashboard)
4. Untick
   • No filter
   • No logs
5. Copy the DNS stamp URL (e.g., sdns://AgcAAAAAA…)

Turn on DNS-over-HTTPS in UniFi.

1. Log in to the Ubiquiti UniFi controller.
2. Go to Settings → Security.
3. Click Protection.
4. Proceed to Encrypted DNS → Custom and enter the following DNS server addresses.
   • Server Name: 'AdGuard DNS'
   • DNS Stamp: DNS stamp URL copied from above
5. Click Save.

Use your router admin panel

Use these instructions if your UniFi router does not support the DNS-over-HTTPS or DNS-over-TLS configuration.

1. Log in to the Ubiquiti UniFi controller.
2. Go to Settings → Networks.
3. Click Edit Network → WAN.
4. Proceed to Common Settings → DNS Server and enter the following DNS server addresses:
   • IPv4: 94.140.14.49 and 94.140.14.59
   • IPv6: 2a10:50c0:0:0:0:0:ded:ff and 2a10:50c0:0:0:0:0:dad:ff
5. Click Save.
6. Return to Network.
7. Choose Edit Network → LAN.
8. Find DHCP Name Server and select Manual.
9. Enter your gateway address in the DNS Server 1 field. Alternatively, you can enter the AdGuard DNS server addresses in the DNS Server 1 and DNS Server 2 fields:
   • IPv4: 94.140.14.49 and 94.140.14.59
   • IPv6: 2a10:50c0:0:0:0:0:ded:ff and 2a10:50c0:0:0:0:0:dad:ff
10. Save the settings.
11. Link your IP (or your dedicated IP if you have a Team subscription).
    • Dedicated IPs
    • Linked IPs