Configure CleanBrowsing with Mosyle (DoH/DoT)

Step 1: Access DNS Filter

Log in to your Mosyle management console and navigate to the Management menu. Click on DNS Filter to access the DNS filtering configuration options.

Step 2: Create New Profile

Click the option to create a new DNS filtering profile. This profile will support both DoH and DoT encrypted DNS protocols.

Step 3: Configure DNS Settings

In the profile configuration:

• Select TLS as the DNS protocol type.
• Enter the custom DoT/DoH URL provided in your CleanBrowsing account settings. You can find this URL by logging in to my.cleanbrowsing.org/dashboard and navigating to your network settings.

This configuration enables both DNS-over-HTTPS and DNS-over-TLS, providing encrypted DNS resolution for all managed devices.

Note: This feature requires iOS 14 or later for mobile devices.

Step 4: Assign Profile

At the bottom of the settings page, assign the profile to the appropriate devices or user groups. You can target specific device groups or deploy organization-wide.

Step 5: Enable Profile

Enable the newly created profile to deploy the encrypted DNS filtering configuration across your managed devices. Settings will be pushed automatically.

Step 6: Chrome Enforcement (macOS)

On managed macOS devices, Chrome may initially ignore the DoH/DoT settings configured through Mosyle. To enforce DNS filtering in Chrome:

• Contact Mosyle support to apply Chrome Management policies to your managed macOS devices.
• This ensures Chrome respects the system-level DNS configuration set by the MDM profile.