Access Control List to prevent users from using alternate DNS

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Access Control List to prevent users from using alternate DNS

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Access Control List to prevent users from using alternate DNS
Access Control List to prevent users from using alternate DNS
2019-05-19 23:02:44
Model: AC500  
Hardware Version: V1
Firmware Version: 0.9.1 5.0 v0032.2 Build 170228 Rel.38431n

Thank you to anyone that takes the time to read this, it wouldn't let me select the model I have which is an ac750 archer c2 and I am using OpenDNS. I have set the DNS for the WAN to OpenDNS's servers and I'm trying to follow their instructions on ALLOW TCP/UDP IN/OUT to 208.67.222.222 or 208.67.220.220 on Port 53 and BLOCK TCP/UDP IN/OUT all IP addresses on Port 53. I've added the host as the whole range of ip's availabe (192.168.1.0 - 192.168.1.199) on port 53 and named it "All" and the target is OpenDNS's server #1 (208.67.222.222) named "OpenDNS1". I'm just focusing on getting one working right, then I'll add the second. Then for the schedule I have selected all the time available 24/7. 

 

Here is the table in the router control list now:

  Allow DNS IN Any Host OpenDNS... Any Time Allow Enabled Edit  
  Allow DNS out Any Host OpenDNS... Any Time Allow Enabled Edit  
  all in All Any Host Any Time Deny Enabled Edit  
  all out All Any Host Any Time Deny Enabled Edit

 

I've played around with the rules a ton, at one point I had it so I could use the OpenDNS server if my PC was set to auto set the DNS, but if I change it to google's DNS of 8.8.8.8 then it bypasses the OpenDNS and shows adult content and stuff that I don't want. I had ipv6 on before and I was getting weird results, then when I turned ipv6 off it was working as long as I didn't change the DNS.

 

I've been flushing the DNS Resolver Cache via ipconfig /flushdns, but that doesn't seem to help. I can get a little impatient when trying different rules out, should I try resetting the router/each device after I change the rules? Or will it be near instant like I'm hoping?

 

My end goal is to only have 2 devices that are allowed to bypass the OpenDNS and use their own/google's DNS.

 

Thanks for the help!

  0      
  0      
#1
Options
1 Reply
Re:Access Control List to prevent users from using alternate DNS
2019-05-20 22:38:17

Hello,

 

It seems that OpenDNS has already configured the filters for adult content and you just point to the designated DNS servers:

 

https://www.opendns.com/setupguide/#familyshield

 

With respect to the routers WAN DNS servers, change those back to what they were, get rid of the rules in the router. Just change the DNS servers on the devices you want filtered for adult content. The rest can be left alone.

  0  
  0  
#2
Options

Information

Helpful: 0

Views: 1071

Replies: 1

Related Articles