-
-
Save DarrenOfficial/978fb94bbee574a367e2f7b2c46cc69a to your computer and use it in GitHub Desktop.
Setup Cloudflare as a DoH (DNS over HTTPS) resolver on Mikrotik devices for School ORG
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Temporarily add a normal upstream DNS resolver | |
| /ip dns set servers=1.1.1.1,1.0.0.1 | |
| # CA certificates extracted from Mozilla | |
| /tool fetch url=https://curl.se/ca/cacert.pem | |
| # Import the downloaded ca-store (127 certificates) | |
| /certificate import file-name=cacert.pem passphrase="" | |
| # Set the DoH resolver to cloudflare content filtering | |
| /ip dns set use-doh-server=https://9cp74irp2d.cloudflare-gateway.com/dns-query verify-doh-cert=yes | |
| # Remove the old upstream DNS resolvers | |
| /ip dns set servers="" | |
| # Delete the certificate file | |
| /file remove cacert.pem |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Make sure allow remote request is enabled for MikroTik DNS
Filtered Lists:
Adult content, Nudity, Gaming, Gambling, Deceptive Ads, Drugs, Hacking, Profanity, Hate & Extremism, Dating;
Safe search for search engine (I.e. Google, Yandex, Duckduckgo)
Other DoH server (prevents from not using the default content filtering)