Need help to setup DNS-over-TLS (DOT)
Asus released the new updates and it allowed DoT. I tried to set it up as shown in the picture but nextdns tell me using nextdns without config. Is there a way to set up the proper way so, I don't have to use another device as a DNS server.
This is how I made it work for me:
- go to your main setup page: https://my.nextdns.io
- on the setup guide session, select Routers
- scroll down to pfSense (I found it easier to read the info you need from it)
- there you will find the IP address + the actual host address (example: abcde.dns1.nextdns.io)
- get the IP address and insert it on the Address column on your Asus Router
- get the host address host address, similar to the example above, and insert it into the TLS Hostname
- click the + sign at the end.
I recommend you remove the one you already added and follow the guide above.
regarding strict or opportunistic, it will describe what each one does if you over to the left on the label, try both and see if Strict works, that would be preferable.
I tried to add the IPv6 address too, it should work, but it's not necessary.
edit: Forgot to mention: if you want to add an identifier you can do so by adding it to the beginning of the address you are going to insert into the TLS Hostname, example: Router-abcde1.dns1.nextdns.io
I have an Asus Router and it is fairly easy to do.
See screenshot (replace the values with your settings).
You need 2 things
a) Address: DNS Address provided by NextDNS. It will be 45.90.xxx.yyy
b) Your unique host name is your youruniqueclientid.dns.nextdns.io
1) Paste the address value as is in Address column
2) Paste the TLS Hostname as youruniqueclientid.dns.nextdns.io
Now add any word at the beginning of this TLS name - this will be used to identify which device is sending queries. For example ASUS-youruniqueclientid.dns.nextdns.io
Now, queries from this device (i.e your router) will appear will be identified as
ASUS or Home Router in the NextDNS portal.