Jump to content
  • 0

Don't work ISP connection with Secure DNS after update or config upload

b1oki

Asked by b1oki,

 Share

Question

b1oki Newbie

b1oki

Posted
Posted

Keenetic Ultra II. Version 4.00.A.10. DoH and DoT was configured.

After update to 4.00.A.18 can't connect to any IP. Remove DoH and DoT through web-interface, enable ISP name-servers, and after that ping IP and DNS resolve works.

Configure DoT and DoH through web-interface, Cloudflare check pass. Try export config and upload them, issue with ping any IP.

After each update, I need to remove all elements and reconfigure the DNS settings.

Today it happened again when upgrading from 4.00.A.18 to 4.00.B.2

Some parts from my config:

interface GigabitEthernet1
    ip address dhcp
    ip dhcp client hostname Keenetic_Ultra
    ip dhcp client dns-routes
    ip no name-servers
    ipv6 no name-servers
    ping-check profile default

dns-proxy
    rebind-protect auto
    intercept enable
    tls upstream 1.0.0.1 sni cloudflare-dns.com
    tls upstream 1.1.1.1 sni cloudflare-dns.com
    https upstream https://cloudflare-dns.com/dns-query dnsm
    filter engine public

Link to comment
Share on other sites

3 answers to this question

Recommended Posts

  • 0
Denis P Content Generator

Denis P

Posted
Posted
40 минут назад, b1oki сказал:

Keenetic Ultra II. Version 4.00.A.10. DoH and DoT was configured.

After update to 4.00.A.18 can't connect to any IP. Remove DoH and DoT through web-interface, enable ISP name-servers, and after that ping IP and DNS resolve works.

Configure DoT and DoH through web-interface, Cloudflare check pass. Try export config and upload them, issue with ping any IP.

After each update, I need to remove all elements and reconfigure the DNS settings.

Today it happened again when upgrading from 4.00.A.18 to 4.00.B.2

Some parts from my config:

interface GigabitEthernet1
    ip address dhcp
    ip dhcp client hostname Keenetic_Ultra
    ip dhcp client dns-routes
    ip no name-servers
    ipv6 no name-servers
    ping-check profile default

dns-proxy
    rebind-protect auto
    intercept enable
    tls upstream 1.0.0.1 sni cloudflare-dns.com
    tls upstream 1.1.1.1 sni cloudflare-dns.com
    https upstream https://cloudflare-dns.com/dns-query dnsm
    filter engine public

Try using another public secure dns, dot and/or doh

Link to comment
Share on other sites
  • 0
b1oki Newbie

b1oki

Posted
  • Author
Posted

Add insecure DNS, disable itercept, now ping to IP and domain resolve works. 

In the evening, I will try to export and import the configuration file to check the problem from the topic. 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...