undukunduk
just joined
Topic Author
Posts: 1
Joined: Sun Mar 29, 2020 4:46 pm

ISP always redirecting http to their ISP website, how to bypass it?

Sun Mar 29, 2020 5:38 pm

Hello

I'm subscribed to an ISP called IndiHome; this ISP is the only provider in my location. If I browse to a website with http or just an IP address, for example 202.65.113.16, it always redirects to their website or ads (https://www.indihome.co.id/). I have to re-enter the website with http or only the IP address 3-4 times to reach the real website; it's annoying.

I tried to block the IP address or the website with a static DNS entry indihome.co.id 127.0.0.1, or to block it with a filter rule like this:
chain=forward action=reject reject-with=icmp-network-unreachable protocol=tcp content=indihome.co.id ,
but if I block it I can't reach the real website; it's just stuck on the redirect to https://www.indihome.co.id/
Edited: I tried using another DNS like OpenDNS with port 5353 or 443; it still doesn't work.

How can I bypass this redirecting?

PS. I am new to this, sorry if I miss something, please request any additional information if needed.

Thank you!
 
Solaris
Member Candidate
Posts: 111
Joined: Thu Apr 29, 2010 5:05 pm

Re: ISP always redirecting http to their ISP website, how to bypass it?

Wed Apr 01, 2020 1:53 pm

AFAIK they are either interfering with your DNS requests or using DPI (Deep Packet Inspection). Try using the DoH (DNS over HTTPS) feature on the latest ROS 6.47beta49; a sample setup follows (credit @CosmosNetwork):
DoH configuration example. cacert.pem contains the CA certificates extracted from Mozilla.
/ip dns set servers=1.1.1.1,1.0.0.1
/system ntp client set enabled=yes server-dns-names=time.cloudflare.com
/tool fetch url=https://curl.haxx.se/ca/cacert.pem
/certificate import file-name=cacert.pem passphrase=""
/ip dns set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes
/ip dns set servers=""
If it's slow through MikroTik, try running DoH through Acrylic DNS on your Windows machine; if either way is still problematic, try running GoodbyeDPI.

Don't forget to flush your MikroTik DNS cache and your Windows/Linux DNS caches (easiest is by restarting your PC) after applying the DoH settings.
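
An added diagnostic sketch (not code from this thread or from MikroTik): it separates the two causes suggested above, DNS interference versus in-path rewriting of plain HTTP, using observations you collect yourself. The function names, sample responses, and documentation-range names and addresses are all constructed for illustration.

```python
from urllib.parse import urlsplit

def redirect_host(raw: bytes):
    """Hostname an HTTP 3xx response redirects to, else None."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1").split("\r\n")
    parts = head[0].split()
    if len(parts) < 2 or not parts[1].isdigit() or not 300 <= int(parts[1]) < 400:
        return None
    for line in head[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "location":
            return urlsplit(value.strip()).hostname  # None for relative redirects
    return None

def same_site(host: str, other: str) -> bool:
    """True if the names match or one is a subdomain of the other (www. etc.)."""
    host, other = host.lower().rstrip("."), other.lower().rstrip(".")
    return host == other or other.endswith("." + host) or host.endswith("." + other)

def diagnose(host, plain_a, doh_a, resp_via_doh_ip):
    """Return the set of layers that look tampered with: 'dns' and/or 'http'.

    plain_a         -- A records from the ISP/default resolver on UDP 53
    doh_a           -- A records for the same name fetched over DoH
    resp_via_doh_ip -- raw reply to a plain-HTTP GET sent to an address from
                       doh_a with 'Host: <host>', so no ISP DNS is involved
    Heuristic: CDNs can return disjoint answers and sites can redirect off-site.
    """
    layers = set()
    if plain_a and doh_a and set(plain_a).isdisjoint(doh_a):
        layers.add("dns")
    target = redirect_host(resp_via_doh_ip)
    if target is not None and not same_site(host, target):
        layers.add("http")
    return layers

# Constructed samples (documentation addresses and names, not captured traffic).
INJECTED = (b"HTTP/1.1 302 Found\r\nLocation: http://portal.isp.example/ads\r\n"
            b"Content-Length: 0\r\n\r\n")
GENUINE = (b"HTTP/1.1 301 Moved Permanently\r\n"
           b"Location: https://www.example.com/\r\n\r\n")
OK_PAGE = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>"

if __name__ == "__main__":
    print(diagnose("example.com", {"192.0.2.10"}, {"192.0.2.10"}, INJECTED))
    print(diagnose("example.com", {"198.51.100.7"}, {"192.0.2.10"}, OK_PAGE))
```

A result of `{'http'}` with matching DNS answers means encrypting DNS alone cannot change the outcome for plain-HTTP requests; only `{'dns'}` points at the resolver path that DoH protects.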
 
latifolia
just joined
Posts: 4
Joined: Fri Apr 05, 2019 5:59 am

Re: ISP always redirecting http to their ISP website, how to bypass it?

Fri Apr 03, 2020 6:46 pm

> Hello
>
> I'm subscribed to an ISP called IndiHome; this ISP is the only provider in my location. If I browse to a website with http or just an IP address, for example 202.65.113.16, it always redirects to their website or ads (https://www.indihome.co.id/). I have to re-enter the website with http or only the IP address 3-4 times to reach the real website; it's annoying.
>
> I tried to block the IP address or the website with a static DNS entry indihome.co.id 127.0.0.1, or to block it with a filter rule like this:
> chain=forward action=reject reject-with=icmp-network-unreachable protocol=tcp content=indihome.co.id ,
> but if I block it I can't reach the real website; it's just stuck on the redirect to https://www.indihome.co.id/
> Edited: I tried using another DNS like OpenDNS with port 5353 or 443; it still doesn't work.
>
> How can I bypass this redirecting?
>
> PS. I am new to this, sorry if I miss something, please request any additional information if needed.
>
> Thank you!


Did you use DST-NAT for OpenDNS? Try using this code:

/ip firewall nat
add action=dst-nat chain=dstnat comment="OpenDNS [208.67.222.222] UDP" \
    dst-port=53 in-interface=bridge protocol=udp to-addresses=208.67.222.222 \
    to-ports=443

That will redirect any DNS requests to MikroTik at port 53 to OpenDNS at port 443.
Make sure that rule is on top if you have other rules for NAT.
 
kd2pm2
Frequent Visitor
Posts: 65
Joined: Wed Nov 14, 2012 7:14 am
Location: New Jersey, USA

Re: ISP always redirecting http to their ISP website, how to bypass it?

Mon Apr 13, 2020 3:39 am

> AFAIK they are either interfering with your DNS requests or using DPI (Deep Packet Inspection). Try using the DoH (DNS over HTTPS) feature on the latest ROS 6.47beta49; a sample setup follows (credit @CosmosNetwork):
> DoH configuration example. cacert.pem contains the CA certificates extracted from Mozilla.
> /ip dns set servers=1.1.1.1,1.0.0.1
> /system ntp client set enabled=yes server-dns-names=time.cloudflare.com
> /tool fetch url=https://curl.haxx.se/ca/cacert.pem
> /certificate import file-name=cacert.pem passphrase=""
> /ip dns set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes
> /ip dns set servers=""
> If it's slow through MikroTik, try running DoH through Acrylic DNS on your Windows machine; if either way is still problematic, try running GoodbyeDPI.
>
> Don't forget to flush your MikroTik DNS cache and your Windows/Linux DNS caches (easiest is by restarting your PC) after applying the DoH settings.

This worked for me. The only command that failed on my RB4011 was the "server-dns-names=time.cloudflare.com".

Thanks.
