
2024 Ubiquiti DNS Shield Configuration Issue

I noticed that Ubiquiti now allows the use of DNS Shield which allows DNS over HTTPS within the Dream Machine Pro's Controller software. I also noticed that NextDNS has 3 entries in the UniFi control panel by default (see attached screenshot). I have a paid NextDNS Pro account. How do I force Ubiquiti's settings to use my specific paid account? In other words, how do I set it to use "https://dns.nextdns.io/XXXXXX" as an entry?

59 replies

    • Roman_Gonzalez
    • 2 wk ago

    Hi guys, I enabled both the CLI and the Custom. Is there any issue with doing this? Should I only have one?

      • Radman
      • 6 days ago

       you mean you have the DNS Shield set up and the CLI installed?

       there are no issues with that, it’s what I have.

      • James.46
      • 6 days ago

       this is a pretty smart move, I think I'll do it too! If for whatever reason Unifi OS gets updated and you forget to restart the CLI installation, at least the traffic will continue to pass through NextDNS albeit without device names...

      • NextDNs
      • 6 days ago

       with the latest version of the CLI, it will survive UDM firmware upgrade BTW.

      • Radman
      • 5 days ago

       “kinda”

      as above while it survives it is not fully functional until manually restarted.

    • Jason_Miles
    • 5 days ago

    Since Unifi has added the ability to configure NextDNS within their UDM’s UI using Custom DNS (formerly DNS Shield), what is the point or benefit of continuing to use the CLI installer?

      • David_A.1
      • 4 days ago

       You get per device information in the nextdns portal doing it this way. If you use the GUI you can't tell what host made the dns request.

      • Radman
      • 4 days ago

        what David said, I use both. The CLI to add per endpoint info, and DNS Shield for network wide channeling of encrypted DNS.

      • Daniel.53
      • 3 days ago

       one question: does the internal DNS resolution of the Unifi device (e.g. creating own records etc.) still work when using either one or both of them, or do you lose this functionality?

    • Defender
    • 4 days ago

    I'm using Control D's CLI which will work with NextDNS or any other DoH/DoT provider. It's much more stable, survives reboots and firmware updates, and is highly configurable. Until Ubiquiti changes something in their firmware which they're known for doing.
