Solved Nord Vpn says this about next dns

[peter1111]

 

[Cleo]

View attachment 265131

Do you get the same issue with a TCP connection as with UDP?

 

[peter1111]

no I just launched the app, and it showed this prompt

 

[Brahman]

View attachment 265131

Are you running Nextdns app? The nextdns root certificate is not needed if you are using nextdns doh on windows. If you are on windows 11 you can natively run Nextdns Doh without any root certificate or app. (You can also use yoga Dns app to get rid of the root certificate)
First Set 45.90.28.0 and 45.90.30.0 as system DNS. Then on an elevated command prompt run the following

netsh dns add encryption server=45.90.28.0 dohtemplate=https://dns1.nextdns.io/xxxxxx/Windows
netsh dns add encryption server=45.90.30.0 dohtemplate=https://dns2.nextdns.io/xxxxxx/Windows

Don't forget to replace "xxxxxx" with your nextDns configuration Id.

 

[n8chavez]

This will work. I'm using it with NordVPN right now. Use this script to configure DoH on Windows 11. It works with ipv4 and ipv6. Run powershell as admin. It'll prompt you for NextDNS ID and device name. Aldo, using the group policy (gpedit.msc), it wouldn't hurt to enforce using only DoH.

Computer Configuration > Administrative Templates > Network > DNS Client > Configure DNS over HTTPS (DoH) name resolution, the select Require DoH.

#requires -RunAsAdministrator

$id = Read-Host "NextDNS ID"
$device = Read-Host "Device Name (Leave empty if annonymous)"
$template = "https://dns.nextdns.io/" + $id + "/" + $device

$ipv6a = "2a07:a8c0::" + $id.substring(0,2) + ":" + $id.substring(2,4)
$ipv6b = "2a07:a8c1::" + $id.substring(0,2) + ":" + $id.substring(2,4)

Write-Host Adding DOH servers... -ForegroundColor Green
Remove-DnsClientDohServerAddress -ServerAddress 45.90.30.129, 45.90.28.129, $ipv6a, $ipv6b -Erroraction Ignore | Out-Null
Add-DnsClientDohServerAddress -ServerAddress 45.90.28.129 -DohTemplate $template -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress 45.90.30.129 -DohTemplate $template -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress $ipv6a -DohTemplate $template -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress $ipv6b -DohTemplate $template -AllowFallbackToUdp $False -AutoUpgrade $True

Write-Host Redirect DNS to DOH... -ForegroundColor Green
Get-NetIPConfiguration | where InterfaceAlias -match "^Mine|^Ethernet" | ForEach { ($_).InterfaceIndex } | ForEach { Set-DnsClientServerAddress -InterfaceIndex $_ -ServerAddresses 45.90.28.129, 45.90.30.129, $ipv6a, $ipv6b }

 

[RunningBadger]

This is how I resolved the same issue.

Go to How to install and trust NextDNS Root CA and install their root certificate. Reboot. When you start NordVPN next time, it will prompt you again, but this time clicking "Trust" should work as expected.