CISCO RV042, blocking LAN PC custom DNS rerouting...

nalasha791
Level 1

Can I keep traffic from PC configured DNS entries from routing through my firewall to the Internet outside of OpenDNS?

5 Replies

nalasha791
Level 1

Here is the answer... YES!!! Thanks to this post (http://community.linksys.com/t5/Wireless-Routers/Firewall-rules-to-force-use-of-OpenDNS/td-p/585078) I was finally able to subvert a programmed DNS entry and direct it to OpenDNS servers! I hope this will help you too!

Here is the post:
... I read online that users can bypass the use of OpenDNS DNS servers by choosing their own DNS servers on their computer network connections. 

The solution involves firewall rules that limit DNS servers accessed through port 53 to only OpenDNS.

... add 3 rules in the Firewall | Access Rules on the LAN side of your network:

Source interface = LAN
1 Allow ANY (source) to 208.67.222.222 (destination) DNS port 53 UDP
2 Allow ANY (source) to 208.67.220.220 (destination) DNS port 53 UDP
3 Deny ANY (source) to ANY (destination) DNS port 53 UDP

The RV042 firewall sets these rules in priority of the lowest number, so this order matters here. I do have another question, though.

The built-in protocols only list a service for the DNS on port 53 as UDP, thus the entries above. Will I need to duplicate this with TCP service entries for DNS? I don't have an option for BOTH (tcp/udp) in the service definition... I don't understand that...
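
As an added illustration (not part of this thread), the following Python simulates the first-match evaluation of the three access rules quoted above and shows why a UDP-only rule set still lets DNS over TCP port 53 pass; the sample packets, the third-party resolver address (documentation range) and the default-allow fall-through for unmatched LAN-to-WAN traffic are assumptions.

```python
from dataclasses import dataclass

OPENDNS = ("208.67.222.222", "208.67.220.220")

@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    dst: str     # destination IP or "ANY"
    port: int    # destination port
    proto: str   # "udp" or "tcp"

    def matches(self, dst_ip, dst_port, proto):
        return (self.dst in ("ANY", dst_ip)
                and self.port == dst_port and self.proto == proto)

# The three rules from the post, in priority order (rule 1 first).
UDP_ONLY_RULES = [
    Rule("allow", OPENDNS[0], 53, "udp"),
    Rule("allow", OPENDNS[1], 53, "udp"),
    Rule("deny", "ANY", 53, "udp"),
]

# Same policy with TCP counterparts added (the duplication asked about).
UDP_AND_TCP_RULES = UDP_ONLY_RULES + [
    Rule(r.action, r.dst, r.port, "tcp") for r in UDP_ONLY_RULES
]

def evaluate(rules, dst_ip, dst_port, proto, default="allow"):
    """Action of the first matching rule. Unmatched traffic falls through to
    the router default, assumed here to be allow for LAN-to-WAN traffic."""
    for rule in rules:
        if rule.matches(dst_ip, dst_port, proto):
            return rule.action
    return default

# Constructed sample packets: (dst_ip, dst_port, proto).
SAMPLE = [
    ("208.67.222.222", 53, "udp"),  # OpenDNS over UDP: should pass
    ("198.51.100.53", 53, "udp"),   # third-party resolver (doc range) over UDP
    ("198.51.100.53", 53, "tcp"),   # same resolver over TCP: the gap
    ("198.51.100.80", 443, "tcp"),  # unrelated HTTPS, untouched by DNS rules
]

def audit(rules):
    """Map each sample packet to the action the rule set yields."""
    return {pkt: evaluate(rules, *pkt) for pkt in SAMPLE}

if __name__ == "__main__":
    for name, rules in (("UDP-only", UDP_ONLY_RULES), ("UDP+TCP", UDP_AND_TCP_RULES)):
        print(name, audit(rules))
```

Running it shows the UDP-only set returning "allow" for the TCP query to the third-party resolver, which is the case the TCP entries close.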

mattwilson9090
Level 4

Are you trying to say that you want to prevent traffic from any device on your network from going to any DNS server but that of OpenDNS?

If so, I can't speak to that specific router, but what you should look for in the settings is something that discusses intercepting port 53, or firewall settings that allow you to block or allow outgoing internet traffic by port or IP address.

rotblitz
Level 6

You block port 53 TCP+UDP passthrough through the router, or you redirect all port 53 traffic on the router to OpenDNS.

nalasha791
Level 1

I actually wrote a long response to my own post here to explain the methods I used to make this work. The message was intercepted for a moderator to take a look at it. Will this post be coming to the thread?

rotblitz
Level 6

Before you wait for your message to be approved and appear here, what about making a text file out of your message and adding it as an attachment here?