How to turn off iCloud Private Relay without an iCloud+ subscription?

If you don’t have an iCloud+ subscription Private Relay cannot be turned on, so Private Relay is not what is causing your issue. In addition, when Private Relay is on it has nothing to do with Wi-Fi.

You may have Private Address turned on; this is normally not a problem, but if your network has MAC filtering (aka Access Control) then you must register the private address in the router setting whitelist or turn it off. To turn off Private Address go to Settings/Wi-Fi and tap on the i next to the network name, and turn it off.

The other thing that can hijack your Internet traffic is VPN. If you have installed a VPN app or profile on your phone delete them. (Don’t just turn them off).

Hello,

I too had this problem, the iCloud DNS was allowing ads through and not playing nicely with AdGuard on my iPhone. It turns out that the setting causing this message is "Limit IP Address Tracking" - Apple is basically saying that routing & encrypting your DNS through the iCloud servers for Mail and Safari traffic is limiting IP address tracking. This is enabled by turning on all of the tracking protections when you first set up Safari. Turning this off removes the message for me under DNS settings:

Settings>Wi-Fi>[your network]>Limit IP Address Tracking>OFF

Also, you can disable switching to cell service to circumvent a connection failure due to DNS configuration by doing the following:

Settings>Cellular>scroll to the bottom>Wi-Fi Assist>OFF

If you're still experiencing this behavior, also enable this option: Settings>Cellular>Cellular Data Options>Data Mode>Standard or >Low Data Mode

Hope this helps!

I have spent a morning struggling with the same issue.

As far as I can see this is entirely unsatisfactory. Apple essentially default users not using ICloud+ to use Private Relay (or at least something that looks the same) and do not provide a means to obviously disable it.

I only noticed this when adjusting settings on my home network and testing some blocked domains using my Iphone.

I tried the settings above. Additionally I found this link regarding preparing your network and have added NXDOMAIN to mask.icloud.com and mask-h2.icloud.com as instructed:

Prepare Your Network or Web Server for iCloud Private Relay - Support - Apple Developer

There are some also some more details about it here.

https://www.apple.com/privacy/docs/iCloud_Private_Relay_Overview_Dec2021.PDF

1. I have seen no warning as stated.

2. DNS does behave as I expect for domains I did not access before changing rules, ie. they are blocked by my local dns server.

I suspect then that Private Relay as described may not be used at least not fully.

Those domains I accessed from Safari before changing anything, are still accessible from my Iphone (not from the router or other devices on the network). So it seems something is cached relating to the Private Relay. I have tried to clear the cache, and flush the dns, deleting all data in Safari, resetting network settings. But it is persistent i still reach the websites I have blocked.

I presume at some point TTL will expire and they will in fact be blocked but it is deeply frustrating that Apple have chosen obfuscation over simplicity and cannot provide proper documentation for both users and network admins.

In these times I am acutely aware of the importance of privacy and freedom, that is presumably a motivating factor in introducing this technology. But that there is not a simple means for IOS users to turn it on and off (and know that it is on or off) runs counter to that motivation.

This is the last time I will say it: PRIVATE RELAY IS NOT ENABLED IF YOU DO NOT HAVE ICLOUD+. You will need to find out what is really going on; the message from your system is wrong. Perhaps you should contact Apple Support using the Get Support link at the top of this page.

Dat betekent dat u Privé Wi-Fi-adressen gebruikt.

U kunt de iPhone een MAC & een Privé IP-adres toewijzen.

Log in op de router, voeg jouw iPhone NAAM + iPhone MAC + Privé IP-adres toe.

Jouw iPhone MAC-adres is: ga naar Instellingen -> Algemeen -> Info -> het Wi-Fi-adres (noteer *** adres op een velletje papier).

Wijst een Privé IP-adres toe aan de iPhone, bijvoorbeeld 192.168.x.xxx of 169.254.x.xxx.

*** is afhankelijk van de router en andere apparaten die al zijn toegevoegd.

Wat belangrijk is, controleer de lijst en de laatste xxx moet anders zijn dan de iDevices die al zijn toegevoegd.

Ik heb hier al jaren alle apparaten (Mac, Windows, iPhone, printer, tv e.a.) toegevoegd op die manier in mijn router, en het werkt goed.

Graag gedaan.

No, it is correct. Private Relay is op-in and requires iCloud+. The message is what is incorrect. It is misinterpreting what is happening in the phone.

It appears that you have / use two different settings in the router for your devices.

However my iPhone (and iPad and other iPhones for that matter, which do not have reserved addresses) do not use that specified DNS server, instead they use one designated by Apple and it appears to be the iCloud Private Relay.

Why do you configure differently than iPhone 7?

It is your choice.

However my iPhone (and iPad and other iPhones for that matter, which do not have reserved addresses) do not use that specified DNS server, instead they use one designated by Apple and it appears to be the iCloud Private Relay.

Actually you already have the answer how to get rid of iCloud Private Relay, is to configure other devices the same as the iPhone 7.

Same issue for me. I run my own network environment with ad blocking and a bunch local dns entries from services like my nextcloud server.

None of my apple devices are playing nice because they keep defaulting to apples servers....

massively frustrating. I'm looking at refusing to allow byo apple devices at work because of this issue, but that's going to be significant project... I'd rather not need to.