NextDNS for parental controls but without encrypted DNS
I have my kid's devices set to his own NextDNS profile with parental controls and a Deny list. At his age and limited tech savvy, this has worked great to keep his online activities protected.
I use an Apple Profile on his iPad (7th gen) for NextDNS. Recently, it appears, his school has stopped allowing encrypted DNS traffic. He gets a Privacy Warning with a message that This network is blocking encrypted DNS traffic. Apps and browsers that require internet access do not work. Once he removes the profile, everything works fine. The same occurs if I use the NextDNS app instead of an Apple Profile.
Assuming encrypted DNS is indeed the issue and not allowed on his school network, is there a way to use his NextDNS profile without encrypted DNS? Basically, I would still like to use NextDNS for parental controls and Deny list, if possible.
And, yes, I understand that I could install proper parental software instead but the simplicity of NextDNS has been great so far :)
The requests from the iPad show up as DNS-over-HTTPS in NextDNS logs. I suspect if they're going through the trouble of blocking DoH, they're most likely blocking DoT too, since that's a lot easier to block.
I think a Linked IP with some DDNS software on the iPad is probably the only possible solution left.
I'm already using Linked IP with my home router (Google WiFi, so doesn't support NextDNS inherently), so will have to get a new NextDNS account for my kid.
As I mentioned, my primary purpose here is parental controls. Encrypted DNS for my scenario is not necessary. I don't mind if the school also snoops on his DNS traffic
Thank you for the suggestions.