NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
CAX80 How do I block specific IPs?
I want to block google DNS (8.8.8.8) and for the life of me I cannot figure out how to do it on my CAX80. Does anyone know how?
Yes I read the manual thoroughly. I read every section on any of kind access control and blocking I could find.
As far as I can tell the only blocking is keyword blocking.
Can this super expensive router/modem really not do a simple IP block?
> I want to block google DNS (8.8.8.8) [...]
I don't know what that means. What, exactly, is happening which you
want to stop?
> [...] for the life of me I cannot figure out how to do it on my CAX80.
For the life of me, I can't guess what you're trying to do.
> Did you respond to the wrong thread? [...]
If it disappeared, then it was probably a scam-link post. Some
children post semi-random text in forums like this, and include a link
to some (typically malicious) web site. Sometimes, forum moderators
will remove such posts.
- I run my own recursive DNS via a PiHole with Unbound. This means I don't have to use a DNS service (normally your ISP auto-assigns theirs but there are lots including google, cloudflare, etc).
The problem is some Google smart home devices use hard coded DNS and bypass my recursive DNS server.
If I can block googles DNS servers (8.8.8.8 and 8.8.4.4) then those smart devices will be forced to use my DNS.
Blocking an IP at the router level should be simple and has been basic functionality on Netgear devices for decades. It's usually called IP blocking or static routes. I can't find either with the CAX80> The problem is some Google smart home devices use hard coded DNS and
> bypass my recursive DNS server.
And that's a "problem" because?Many Internet-of-Junk devices use a hard-coded DNS server for some
purposes. Generally for very good reasons.> If I can block googles DNS servers (8.8.8.8 and 8.8.4.4) then those
> smart devices will be forced to use my DNS.You think that you can bend them to your will through frustration?
I know nothing, but I'd expect them to stop working, because they
don't trust your personal DNS server. Which would be a wise approach
for IoJ (or general gizmo) security.> [...] It's usually called IP blocking or static routes. [...]
It is? By Netgear?
I can see how one might create a purposely defective static route to
achieve such a result, but I don't recall seeing a static-route
capability in any Netgear cable modem+router models. Plain router,
yes; DSL modem+router, yes. (Must be a feature.)
> Can this super expensive router/modem really not do a simple IP block?Looks that way to me, at least not using a static route. Possibly
interesting (including an authoritative response):- Ok so I guess the answer must be no I cannot do this. Pretty discouraging.
billg118 wrote:
Blocking an IP at the router level should be simple and has been basic functionality on Netgear devices for decades. It's usually called IP blocking or static routes. I can't find either with the CAX80Static routes are as the name says not really intended for IP blocking, but of course one could send select addresses to some dummy or non-existing IP or subnet.
Beyond I'm fully with you. Not aware Netgear had IP blocking the last decade(s) [certainly not on the consumer routers], just the darned service blocking, and this just for LAN->WAN (an utterly useless feature, as much to limited).
It's one of the key reasons why we abandoned Netgear consumer routers with our customer sites.
Well I know that this is possible on a lot of their routers. My friend has an r7000 and he can do this in about 5 seconds.
It must not be a feature avaiable on the router/modem combos for some reason. Sucks =/
