NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

AlexBzzBR's avatar
AlexBzzBR
Follower
May 14, 2021

DNS settings for GUEST networks

  1. I have 3 wireless networks ( A - 2.4Ghz, B - 5Ghz and GUEST 2.4Ghz) enable
  2. On the WAN setup, the primary and secondary DNS'  are pointing to 2 internal addresess ( 192.168.1.5/6) 
  3. I have DNS servers on my internal network ( pihole )
  4. I use my 2.4/5 Ghz wireless network for my computers, printers and servers ( media server , dns, etc ), all using WPA 3 - Personal 
  5. I have my GUEST network enable  (only 2.4Ghz) , using WPA2 and WPA3 and to NOT allow the acess to the other networks ( A, B and Wired )
  6.  I use the GUEST networt for my IoT devices. 

With this setup I'm trying to isolate the IoT devices ( Usually not very secure ). IoTs usually access only 2.4Ghz networks and use the less secure WPA 2.

 

As you wondering, this setup is not working well because the GUEST network CAN'T access the DNS servers and I couldn find a way to by pass the WAN setup ( Well, I can setup a specific DNS server directly in some IoT devices, but in not all of them, so I can overide the DNS servers provided by the Network.).

 

Is there any way to setup the R7500 to use a diferent DHCP and DNS address that are specific for the GUESTnetwork ? 

If not , how can I allow the GUEST network access only the 2 DNS servers addresses on the internal network ?

 

Thank You !  

2 Replies

  • antinode's avatar
    antinode
    Guru
    May 14, 2021

    > 3. I have DNS servers on my internal network ( pihole )

     

    > 5. [...] GUEST network [...] NOT allow the acess [...]

     

    > [...] GUEST network CAN'T access the DNS servers [...]

     

       I suspect that no one writing the firmware considered this situation.
    (At least not enough to deal with it.)

     

    > Is there any way to setup the R7500 to use a diferent DHCP and DNS
    > address that are specific for the GUESTnetwork ?

     

       So far as I've seen, Netgear consumer-grade routers offer no
    user-configuration options for their DHCP servers (other than pool range
    and Address Reservation).

     

    > If not , how can I allow the GUEST network access only the 2 DNS
    > servers addresses on the internal network ?

     

       "Allow guests to see each other and access my local network" seems to
    be binary, too.


       If you're running a Pi-hole for DNS, then I'd guess that you could
    also run your own DHCP server, which might let you customize the DNS
    server settings provided to particular clients, but I see no way to get
    around the "access my local network" prohibition for "guests".  At least
    not with the Netgear firmware.  You might have a better chance with
    third-party firmware, if any exists for your model.

     

          https://community.netgear.com/t5/x/idb-p/idea-exchange-for-home

     

       I wouldn't hold my breath.