Hi RubberDucky,

When you say that Secure DNS and Encrypted SNI both failed, are you referencing Cloudflare's Browser Security Check?

Yes I’m referring to the cloudflares browser security check.

Thank you for confirming! I'm sorry about the delayed responses.

Encrypted SNI fails in that test is because a bug (1590642) is currently preventing it from functioning correctly while using a proxy service.

As for Secure DNS, is the test failing on it or is it showing inconclusive (orange circle with white question mark)? When I am running the test with FPN enabled, it shows that it is inconclusive, but didn't necessarily fail. FPN does actually support Secure DNS, so if it is showing a hard fail on the test, this could be a connectivity problem.

Could you run the test again and let me know which status you're receiving for Secure DNS on the test (pass, fail, or inconclusive as mentioned above)?

Note that ESNI is not enabled in Firefox by default and it is not enabled by Firefox Private Network.

The primary goal of ESNI is to mask your activity from your ISP. Doesn't FPN do that anyway?

Maybe, enabling ESNI with FPN causes some sort of conflict, which is why FPN doesn't enable it and would explain why the ESNI Check fails when it is enabled.

As far as the Secure DNS check is concerned, I found this from Router Security: "One feature of Cloudflare DNS is encryption. The connection between your computer and their DNS server is encrypted using one of two fairly new approaches: DNS over TLS or DNS over HTTP. This is only an issue when you are not using a VPN. A VPN encrypts everything (when it is working correctly) coming and going from the computer so there is no need to pay special attention to encrypting DNS."

Try testing with https://1.1.1.1/help/ both with and without FPN enabled.