
Using NordVPN and NextDNS but DNS leak allowing VPN detection

I'm trying to watch Amazon Prime videos, but my combination of using NordVPN and NextDNS seems to have a leak that allows Amazon to detect my use of a VPN.  I've contacted NordVPN and their only suggestion is to use their DNS servers, which of course I do not want.

Does anybody have an idea on how to fix this?

17 replies

    • Mitchell_Parks
    • 3 yrs ago

    This is certainly something many of us will run into in the future.  I will like and follow this to see if someone has an afternoon or full day off to play with it and discover it and share the solution.  Thanks for sharing, Anson Li

    • Maxime_Menard
    • 3 yrs ago

    I have the same problem with Express VPN. I also contacted them and they told me I have to deactivate NextDNS if I want to use a VPN.

      • Mary_Smith
      • 3 yrs ago

      Maxime Menard How did you get ExpressVPN and NextDNS to work together?

    • Ian_Morris
    • 3 yrs ago

    Are you running an adblocker like uBlock Origin? If so, try disabling it and see if the DNS leak stops.

    uBlock Origin version 1.34 added a Privacy setting "Uncloak Canonical Names" and turned it on by default. This causes uBlock Origin to resolve DNS queries itself, hence the leakage.

    This setting was previously under "I am an advanced user" and was off by default.

    • Ian_Morris
    • 3 yrs ago

    I should also say I am running NordVPN and NextDNS and it works fine with no leakage, as I am sure will ExpressVPN.

      • Anson_Li
      • 3 yrs ago

      Ian Morris What's your setup? I tried turning the setting and uBlock itself off and it doesn't work.

      • Ian_Morris
      • 3 yrs ago

      Anson Li I am running uBlock in Firefox; if you are using a Chrome browser, uBlock works differently since Chrome doesn't have its own DNS API that Firefox has.  Have you tried disabling the uBlock extension just to test it (or temporarily uninstalling it)? It worked for me. I would recommend you try Firefox, which works for me.

      • Anson_Li
      • 3 yrs ago

      Ian Morris Yeah, I'm using Firefox. Disabling worked, like you said. Is there no way to get the same effect by changing some settings?

      • Ian_Morris
      • 3 yrs ago

      Anson Li Like I said, I went into uBlock's Settings and unticked Uncloak Canonical Names (if you are using version 1.34 or later) - that should do the trick.

      Since I now run NextDNS on my router and redirect all DNS queries to it (using NAT rules), it is no longer an issue for me anyway.

      • Anson_Li
      • 3 yrs ago

      Ian Morris Actually, it seems even with it unchecked and disabled, Amazon still knows I'm on a VPN. I think when I tried it last my VPN was off.

      • Ian_Morris
      • 3 yrs ago

      Anson Li It is easy to tell; certainly my router loads "Known VPN Network IPs" on an hourly basis. So it would be able to tell from your source IP address. However, that is different from DNS leakage, which is what I thought you were talking about earlier?

      • Anson_Li
      • 3 yrs ago

      Ian Morris I thought that DNS leak was the reason why Amazon can see if you're on a VPN or not.

      • Ian_Morris
      • 3 yrs ago

      Anson Li I don't know how Amazon detects it, but most organisations use the IP ranges associated with the Autonomous System numbers of VPN providers.

    • Lorenzo_Ori
    • 3 yrs ago

    don't use nordshitvpn please

    • Maxime_Menard
    • 3 yrs ago

    Ian Morris I tried to disable uBlock and I am using Firefox, but I still got a DNS leak with Express VPN. But more importantly, like Anson Li, streaming services detect the VPN. And it works perfectly if I disable NextDNS.

      • Ian_Morris
      • 3 yrs ago

      Maxime Menard It depends on how you are disabling uBlock; have a look at my earlier post about unticking "Uncloak canonical name" under uBlock's settings and retest. The DNS leakage is specific to uBlock on Firefox, since unlike Chrome it has a DNS API that uBlock can use.

      I would be very surprised if ExpressVPN is not compatible with NextDNS - when using a VPN service normally you would use the DNS servers associated with the VPN and not NextDNS, when there is no VPN you would normally use NextDNS - if configured properly this switch is automatic. Also, if you have configured the VPN to continue using NextDNS, then yes, that shows as a DNS leakage (because it is going to a third party and not the VPN provider), but as long as your DNS traffic is encrypted, it shouldn't be an issue if you trust NextDNS, since no-one else can read your queries or replies.

      Also, detecting that you are using a VPN does not have anything to do with DNS leakage, since there are managed tables specifying the IP address ranges of VPN providers (again see my earlier post above). I use these tables to prevent VPN connections being established on my secure network.
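
The two separate checks Ian Morris describes in the replies above (source-IP range matching versus DNS leakage), as an added example that is not part of the thread. The range table, ASNs and provider names are constructed placeholders built from documentation prefixes and private-use AS numbers; a real table would come from a maintained feed.

```python
import ipaddress

# Constructed table (assumption): documentation prefixes and private-use ASNs
# stand in for a regularly refreshed list of VPN-provider ranges.
VPN_RANGES = [
    ("198.51.100.0/24", 64512, "ExampleVPN"),
    ("198.51.100.128/25", 64513, "OtherVPN"),   # more specific, overlaps the /24
    ("2001:db8:100::/48", 64512, "ExampleVPN"),
]
TABLE = [(ipaddress.ip_network(c), asn, name) for c, asn, name in VPN_RANGES]


def lookup(addr):
    """Return (asn, name) of the most specific matching range, or None."""
    ip = ipaddress.ip_address(addr)
    hits = [(net.prefixlen, asn, name) for net, asn, name in TABLE
            if net.version == ip.version and ip in net]
    if not hits:
        return None
    _, asn, name = max(hits)          # longest prefix wins
    return asn, name


def assess(source_ip, resolver_ip):
    """Answer the two questions separately.

    vpn_detected: the source address falls inside a known VPN range.
    dns_leak:     the client is on a VPN, but the resolver it queries is not
                  operated by that VPN provider (e.g. a third-party resolver).
    """
    src = lookup(source_ip)
    res = lookup(resolver_ip)
    vpn_detected = src is not None
    dns_leak = vpn_detected and (res is None or res[0] != src[0])
    return {"vpn_detected": vpn_detected, "dns_leak": dns_leak,
            "provider": src[1] if src else None}


if __name__ == "__main__":
    # Constructed cases: (source IP seen by the service, resolver the client used)
    cases = {
        "VPN + VPN provider's DNS": ("198.51.100.7", "198.51.100.53"),
        "VPN + third-party DNS": ("198.51.100.7", "192.0.2.53"),
        "no VPN": ("192.0.2.10", "192.0.2.53"),
    }
    for label, (src, res) in cases.items():
        print(f"{label:26} {assess(src, res)}")
```

In the first case there is no DNS leak at all, yet `vpn_detected` is still true, because that result depends only on the source address.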

    • ruby_bear
    • 3 yrs ago

    Marketing solicitors run into this all the time. Why they contract with companies who can provide RESIDENTIAL IP addresses and proxies. Such services are expensive, but there is no way around them because the IP addresses of datacenters and VPN hosts are well known. I don't recommend them (after using for many years)...but SMARTDNS works: https://www.smartdnsproxy.com/PreSignUp I say this as someone who is wrongly blocked by many services (absolutely no fuckery from us) due to the ignorance of some blocklists. I've found that the best way to use this service with Rokus and such is to insert a dedicated OpenWRT router ahead of each Roku tied to the Smart DNS service. Have tried many other methods - this is the best. GL-iNet on Amazon sells a Mango unit which works great. If you find a better SmartDNS supplier than the one listed, please post it here. NordVPN is just the wrong tool for this. I doubt they have any residential IP addresses set aside. ONLY residential IP addresses will work.
