0

return money, or make a normal guide. Mikrotik does not work!

/tool fetch url=https://curl.haxx.se/ca/cacert.pem
/certificate import file-name=cacert.pem
/ip dns set servers=
/ip dns static add name=dns.nextdns.io address=45.XX.28.0 type=A
/ip dns static add name=dns.nextdns.io address=45.XX.30.0 type=A
/ip dns static add name=dns.nextdns.io address=2a07:a8c0:: type=AAAA
/ip dns static add name=dns.nextdns.io address=2a07:a8c1:: type=AAAA
/ip dns set use-doh-server=“https://dns.nextdns.io/xxxxx” verify-doh-cert=yes

so no mistake:

/tool fetch url=https://curl.se/ca/cacert.pem

but still doesn't work!

6replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • Could you ask the Mikrotik forum? This should work.

    Like 1
  • I had setup NextDNS on Mikrotik, Router OS 6.48.1 (Stable)., successfully.

    I am not sure now, but I think, I had a problems with quotes (").

    Or I needed to use with quotes ("): /tool fetch url="https://curl.se/ca/cacert.pem"

    Or without quotes ("): /ip dns set use-doh-server=https://dns.nextdns.io/xxxxxx verify-doh-cert=yes

    Try both variants.

    But, since I was missing the client identification, I have installed OpenWRT on my Mikrotik with NextDNS cli.

    Cheers

    Like
  • Replace the second line as follows:

    /certificate import file-name=cacert.pem passphrase=""

    Like
      • xenstar
      • xenstar
      • 1 yr ago
      • Reported - view

      steve rosenberg Yeah for me it asked for passphrase, and I put my admin password, it worked. 

      Like
  • The guide is excellent and Mikrotik (v6.48 and v6.49) works perfectly with NextDNS. I think having some basic Mikrotik knowledge is always required, but to get that basic knowledge takes lengthy research and patience. The only thing the guide had wrong was "/ip dns set servers=" because it did nothing it seems. I had to go to IP/DNS/Servers and remove it manually. 

    Like
      • LELMUS
      • LELMUS
      • 1 yr ago
      • Reported - view

      Forgot to mention that setting “use peer dns” must also be set to ‘no’ on whatever pathway the wan is on. Would have been helpful to see this mentioned for others. 

      Like
Like Follow
  • 1 yr agoLast active
  • 6Replies
  • 612Views
  • 6 Following