macOS: Switching between OpenVPN and NextDNS automatically
Since macOS doesn’t support OpenVPN out of the box, the easiest solution is to use Tunnelblick as your client. Alternatively, there’s CLI builds for OpenVPN available on Homebrew as well.
Regardless of your client of choice though, OpenVPN and NextDNS don’t play well together without a little help. A generic setup that supports both is as follows:
- Install the NextDNS client as usual. This will add a DNS configuration called
NextDNSunder System Preferences → Network. - After the initial setup is done, quit the NextDNS application, as it will try to automatically reconnect otherwise.
- Install Tunnelblick as usual, along with any VPN configurations you need.
- Navigate to
~/Library/Application\ Support/Tunnelblick/Configurations/CONFIGURATION_NAME.tblk/Contents/Resources/whereCONFIGURATION_NAMEis the VPN configuration you want to use. - Create
pre-connect.shwhich will be called before your OpenVPN connection is established:
#!/usr/bin/env bash
# Disconnect from NextDNS before connecting to OpenVPN
networksetup -disconnectpppoeservice NextDNS
- Create
post-disconnect.shwhich will be called after you disconnect from OpenVPN:
#!/usr/bin/env bash
# Reconnect to NextDNS after disconnecting from OpenVPN
networksetup -connectpppoeservice NextDNS
With this setup, whenever you connect to a VPN using Tunnelblick, NextDNS will automatically be turned off. When you disconnect, NextDNS will be turned on again, allowing you to easily switch between the two.