-
-
Save awoland/d127fe033cfcd6ab0b17e0a830ab14f5 to your computer and use it in GitHub Desktop.
Setup Cloudflare as a DoH (DNS over HTTPS) resolver on Mikrotik devices (RouterOS v7.0.2+)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Temporarily add a normal upstream DNS resolver | |
| /ip dns set servers=1.1.1.1,1.0.0.1 | |
| # CA certificates extracted from Mozilla | |
| /tool fetch url=https://curl.se/ca/cacert.pem | |
| # Import the downloaded ca-store (127 certificates) | |
| /certificate import file-name=cacert.pem passphrase="" | |
| # Set the DoH resolver to cloudflare | |
| /ip dns set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes | |
| # Remove the old upstream DNS resolvers | |
| /ip dns set servers="" | |
| # Delete the certificate file | |
| /file remove cacert.pem | |
| # OPTIONAL - Disable DDNS | |
| /ip dhcp-client set use-peer-dns=no # Enter 0 as a number if it asks you | |
| # If you are connection over LTE (for exmaple with a chateau) | |
| /interface lte apn set use-peer-dns=no # Enter 0 as a number if it asks you | |
| # Verify, that DynDNS is disabled | |
| /ip dns print |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment