Is it possible to use ProtonVPN + NextDNS (configured at the UDM router level) simultaneously?

Hello! First time poster. :slight_smile:

I have a Ubiquiti UDM SE which is configured and hardened to force all outgoing traffic through my NextDNS profile. This works amazingly well, capturing almost 80k DNS requests per day throughout my home network and blocking nearly 20%.

When using my main PC, I would like to have ProtonVPN auto-connect to my favorite server and redirect all DNS queries to NextDNS.

This has proven to be a massive headache. I’m surely missing something obvious? I’m kinda new to networking setups, dabbling here and there to configure my network over the past few years.

I would appreciate some constructive ideas or solutions you may have come across! :slight_smile:

Thank you!


If your computer is configured to use NextDNS it will use it through the Proton VPN tunnel. You can verify it in the NextDNS settings page, I think there’s something there that will tell you if you’re using NextDNS or not.

Welcome! What you are asking should be technically possible. I am not using ProtonVPN but did you have a look at this?

Kind of related, but is there a way to make it so I can seamlessly use NextDNS by default when not using a VPN, but when I turn on Proton VPN, it overwrites it, sending requests only through Proton’s DNS?

Is there a way to do this at the device and/or browser level (Fedora + GrapheneOS)? (I’m still using my ISP router unfortunately, plus I want to take these settings with me when not at home).

Hi! Yep, I’ve looked at that. Proton basically expects an IP address for the DNS server. Ordinarily, this would be fine but NextDNS allows custom rules to be created via what they call a profile. Thus, your specific profile cannot be simply accessed via the server’s IP address alone. Ideally, their app would accept a DNS stamp instead.

Kinda looks like “sdns://AgcAAAAAAAAAAAAQMT439JJk546uMC4xOoPlkMy…” as opposed to simply “45.90.28.69”

My NextDNS is programmed at the router level using a DNS stamp. If I run Proton on my PC, it defaults to Proton’s DNS resolver, bypassing my network-level settings.

So, to put it simply, I cannot:

  1. Configure Proton to connect to my NextDNS profile, only the main server.
  2. Set my 192.168.1.1 router as Proton’s default DNS, it will bypass it and use its own resolver.

I feel like Proton simply isn’t capable of connecting to NextDNS with an explicit profile. :man_shrugging:

sucks! :frowning:
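Added example (not part of any post in this thread): a small Python decoder for DoH DNS stamps, showing that the profile travels in the stamp's hostname and path fields, which a DNS setting that only accepts an IP address has no place for. The field layout follows the public DNS Stamps specification; the function names are hypothetical, and the sample stamp is constructed here with a placeholder profile ID `abc123` on the assumed `dns.nextdns.io/<profile>` DoH endpoint.

```python
import base64
import ipaddress
import struct

def _lp(data: bytes) -> bytes:  # length-prefixed field: 1 length byte + data
    return bytes([len(data)]) + data

# Encode a DoH stamp (protocol 0x02) with no pinned certificate hashes.
def build_doh_stamp(hostname: str, path: str, addr: str = "", props: int = 0x07) -> str:
    raw = (b"\x02" + struct.pack("<Q", props) + _lp(addr.encode())
           + b"\x00" + _lp(hostname.encode()) + _lp(path.encode()))
    return "sdns://" + base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def parse_doh_stamp(stamp: str) -> dict:
    if not stamp.startswith("sdns://"):
        raise ValueError("not a DNS stamp")
    body = stamp[len("sdns://"):]
    raw = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    if len(raw) < 9 or raw[0] != 0x02:
        raise ValueError("only DoH (0x02) stamps are handled here")
    pos = 9  # 1 protocol byte + 8 bytes of little-endian property flags
    def read(mask=0xFF):
        nonlocal pos
        if pos >= len(raw) or pos + 1 + (raw[pos] & mask) > len(raw):
            raise ValueError("truncated stamp")
        n, more = raw[pos] & mask, bool(raw[pos] & ~mask & 0xFF)
        field = raw[pos + 1:pos + 1 + n]
        pos += 1 + n
        return field, more
    addr = read()[0].decode()
    hashes, more = [], True
    while more:  # hash list: high bit of the length byte means "another follows"
        h, more = read(0x7F)
        if h:
            hashes.append(h.hex())
    hostname, path = read()[0].decode(), read()[0].decode()
    return {"props": struct.unpack_from("<Q", raw, 1)[0], "addr": addr,
            "hashes": hashes, "hostname": hostname, "path": path}

def is_ip_literal(value: str) -> bool:  # would this fit an IP-only DNS field?
    try:
        return bool(ipaddress.ip_address(value))
    except ValueError:
        return False

# Constructed sample: placeholder profile ID, not a real account.
SAMPLE = build_doh_stamp("dns.nextdns.io", "/abc123")
```
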

Ah, I see. There are some tutorials on Reddit for Windows: [Guide] Unofficial guide for setting up protonVPN + NextDNS on Windows - r/ProtonVPN, or for Mac: [Howto Guide] Use ProtonVPN + NextDNS (via OpenVPN) with Passepartout app (for MacOS/iOS) to have a VPN with great, user controlled malware & ad blocking, even when on cellular/mobile networks! - r/ProtonVPN, but not sure what OS your device is running.

Before giving up I would also try some AIs, as they surprised me often with their solution finding. That’s all I can contribute I am afraid, good luck and share it here if you find a way!

Thank you so much! I ended up switching to Mullvad and using my IPv6 address, which NextDNS supplies. It turns out that the IPv6 address can contain your NextDNS profile, which makes the entire setup on my Windows computer EASY PEASY, lemon squeezy!

Steps

  1. Install Mullvad on Windows PC.
  2. Go to settings > VPN settings > Check “Use custom DNS”.
  3. Fetch the two IPv6 addresses that NextDNS offers in your account’s setup page.
  4. Paste into Mullvad.
  5. Run.

NextDNS will instantly start receiving DNS queries as expected from the brand new IP address Mullvad provides, whether you’re on IPv4 or IPv6. Done deal!

TLDR: Use your IPv6 address from NextDNS in your VPN provider’s DNS settings. That’s all. So happy it works! :grin:
