I have a separate computer exclusively for VPN usage. How do I ensure internet does NOT work without VPN? (I don't want to rely on Kill Switch)

Wonderful! I’ll check the DNS without connecting VPN and see if it’s private for the VPN or public. (If connected without VPN, it’s public. If not connected, it’s private)?

If public, I’ll have to try another DNS. If private, I’m good to go.

Just wondering… in this website, there are a ton of DNS addresses. But I’m looking for the one with “Vanilla” - no blocking of any sort. They don’t seem to mention it anywhere. Do you happen to know the “Vanilla” DNS entry?

https://github.com/mullvad/dns-blocklists#custom-dns-entries

Yes to the first two parts

Vanilla:
This includes zero blocking, purely encrypted DNS for TLS and HTTPs.
TLS: dns.mullvad.net
HTTPS: https://dns.mullvad.net/dns-query

So to my understanding if you open a command line and type “ping Dns.mullvad.net” it should toss you an IP address

try 10.8.0.1

i know you are not using a router but: https://mullvad.net/en/help/using-pfsense-mullvad/