0

Configuration profile on Mac OS Big Sur not working

Hi guys, I have downloaded the configuration profile on my mac running mac os big sur. I have installed the profile, trusted root CA and signed the config profile. In my network preferences I can even see that the service is running however when I go on mynextdns main page it says that it is still using google as DNS resolver. On my Iphone I have also done the same and it works. Also if I use the app on my mac it works but not with the config profile... Can anyone help me as it seems to be a common issue on mac OS?

27 replies

null
    • Jules_A
    • 2 yrs ago
    • Reported - view

    I have the same issue, is this the only way to get help from NextDNS? There isn't any direct support for paid customers?

    • NextDNs
    • 2 yrs ago
    • Reported - view

    What is the output of https://test.nextdns.io

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS 

      {
      "status": "unconfigured",
      "client": "212.102.40.79",
      "resolver": "212.102.40.79",
      "server": "vultr-dal-1"
      }
      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A seems like you are running a recursive resolver directly on your router, can you tell us more about this setup?

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS Sure, no problem. The router is set up with IP4 addresses you publish, has a linked IP via a dynamic DNS service, and is working fine.

      My M1 Macbook that I'd like to get working is Big Sur 11.3  connected via a VPN. The VPN complains when multiple VPNs are connected or I'd use the app you've built. So I tried to get a connection profile working.

      It's approved in profiles and it is enabled. But anything on the machine is using the VPN-provided DNS resolvers and not yours.

      Hope that helps explain and thanks very much for the help in advance.

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A does it work if you disconnect the Surfshark VPN?

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS It appears it isn't working with the VPN turned off.

      If I disconnect the dynamic DNS client and ask the router to get a new IP I get this on your config page:

      This device is using NextDNS with no configuration.
      Make sure to link your IP address in the Linked IP section below.

      That would suggest the profile we created and installed isn't functioning at all?

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A with the VPN turned off, can you please load https://test.nextdns.io again?

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS Absolutely, just sent it to you as a DM.

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS Any other thoughts on what's going on? Thanks.

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A it feels like a bug in the OS. You may want to try our CLI (https://nextdns.io/cli), it should work with your VPN.

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS Profile removed, CLI installed.

      ~> sudo nextdns log
      May  8 13:18:34 MacBook-Air com.apple.xpc.launchd[1] (nextdns): This service is defined to be constantly running and is inherently inefficient.
      May  8 13:18:34 MacBook-Air nextdns[6541]: Starting NextDNS 1.32.1/darwin on localhost:53
      May  8 13:18:34 MacBook-Air nextdns[6541]: Listening on UDP/[::1]:53
      May  8 13:18:34 MacBook-Air nextdns[6541]: Listening on TCP/127.0.0.1:53
      May  8 13:18:34 MacBook-Air nextdns[6541]: Listening on TCP/[::1]:53
      May  8 13:18:34 MacBook-Air nextdns[6541]: Listening on UDP/127.0.0.1:53

      Still not working.

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A your VPN is still capturing DNS traffic apparently.

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS It certainly seems that way. So… that's it for any help you are able or willing to provide?

      I've dropped a line to the VPN provider and they are of the opinion that manually set system DNS overrides their supplied DCHP one.

      We've tried apple.nextdns.io and I've installed the daemon. Neither work.

      Any thoughts on getting this working? Thanks.

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A we can’t go over over the DNS provided by the VPN, this is enforced by the OS. You have to make the VPN use a different DNS address if they support it.

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS Some feedback that I hope you'll find useful: Kind of disappointed in the lack of support for this issue which comes off as shrug, you're right, doesn't seem to be working. Given the near cult-like worship on HN and other tech circles I was expecting a bit more as a paid customer.

      On that subject, if there is a place for paid to get support from you it's not obvious where. Equally mystifying is where do I go about getting a refund for a service that is broken (for me at least)?

      Thanks.

      • Gage_Randall
      • 2 yrs ago
      • Reported - view

      Jules A I’ve utilized the NextDNS Mac App and I’ve had no issues and all my DNS Traffic seems to go through that and the rest handled by my VPN I run at the same time.

      • Gage_Randall
      • 2 yrs ago
      • Reported - view
      • Jules_A
      • 2 yrs ago
      • Reported - view

      Thanks, Gage Randall . The problem is all down to my VPN complaining about multiple VPNs running as you'll see above — the app they've built is a VPN.

      The rest of it just plain isn't working and my complaint is there isn't any meaningful support when there is an edge case scenario like mine. We don't need support when everything is going well, we need it when things go wrong, and there isn't the inclination or curiosity to find out what's wrong in this case.

      • Jules_A
      • 2 yrs ago
      • Reported - view

      NextDNS Can you tell me how to get a refund please?

      • NextDNs
      • 2 yrs ago
      • Reported - view

      Jules A contact billing@nextdns.io for a refund.

      Note that some VPNs won’t let you use a custom DNS. This is the way it is. No amount of support can change that.

    • Jason_Kratz
    • 2 yrs ago
    • Reported - view

    In case someone on a Mac comes across this thread....Little Snitch 5  will also cause the profile to fail because of its network extension. Don't think there is a way around that either aside from uninstalling Little Snitch. Just turning off the network filter didn't work.

      • Chris.6
      • 2 yrs ago
      • Reported - view

      Jason Kratz Yeah, no two network extensions can run at the same time (this applies to all apps that have one, not just Little Snitch). According to an Apple dev I talked to via Twitter, this probably won't change. Great :( 

      However, there is no need to uninstall Little Snitch. All you need to do is to go to…

      Settings > Network > 3 dots > Make Service Inactive > Apply

      Only after this can you activate the NextDNS profile. Just tested again, works fine like that. 

      • Jason_Kratz.1
      • 2 yrs ago
      • Reported - view

      Chris I actually just switched to using the CLI which works great and stays out of the way. Thanks for the reply.

Content aside

  • 1 yr agoLast active
  • 27Replies
  • 2056Views
  • 9 Following