====== PFSense - VPN - Use ExpressVPN - Configure DNS ======

Navigate to **Services -> DNS Resolver**.

In **General Settings**:

  * Enable:  **Checked**.
  * Listen Port:  Leave what it already is.
  * Enable SSL/TLS Service:  **Not Checked**.
  * SSL/TLS Certificate:  **webConfigurator default (5e43e9c3425c6)**.  The numbers on your machine could be different.
  * SSL/TLS Listen Port:  Leave what it already is.
  * Network Interfaces:  **All**.
  * Outgoing Network Interfaces:  **All**.
  * System Domains Local Zone Type:  **Transparent**.
  * DNSSEC:  **Not Checked**.
  * DNS Query Forwarding:  **Checked**.
  * DHCP Registration:  **Checked**.
  * Static DHCP:  **Checked**.
  * OpenVPN Clients:  **Checked**.
  * Click **Save**.

{{:pfsense:use_expressvpn:pfsense_dns_resolver_general_settings.png?800|}}

{{:pfsense:use_expressvpn:pfsense_dns_resolver_general_settings2.png?800|}}


While in **DNS Resolver**, select **Advanced Settings** at the top.

In **Advanced Privacy Options**:

  * Hide Identity:  **Checked**.
  * Hide Version:  **Checked**.
  * Query Name Minimization:  **Not Checked**.
  * Strict Query Name Minimization:  **Not Checked**.

{{:pfsense:use_expressvpn:pfsense_dns_resolver_advanced_settings_-_advanced_privacy_options.png?800|}}

In **Advanced Resolver Options**:

  * Prefetch Support:  **Checked**.
  * Prefetch DNS Key Support:  **Checked**.




Click **Save**.

Click **Apply Changes**.

----

Now that DNS is configured, return to [[PFSense:VPN:Use ExpressVPN|Use ExpressVPN]] and do the next step: [[PFSense:VPN:Use ExpressVPN:Configure Firewall|Configure Firewall]].