NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

PreventDNSbypas's avatar
PreventDNSbypas
Follower
Jun 04, 2023

On Orbi RBR750 how do I block destination IP addresses?

Hi, running Orbi 750 - how do I block IP traffic to specific IP addresses?  I want to only allow dns traffic to my OpenDNS provider and deny these sneaky kids from getting around that by putting in ip address blocks to the common DNS providers.  I don't see a clean way of doing that and need some help from the other pros here.

1 Reply

Sort By
  • CrimpOn's avatar
    CrimpOn
    Guru
    Jun 05, 2023

    Just to be clear, my opinion is that the kids will win.. They have more time and ingenuity.  I am 99% certain that no Orbi router, residential or Pro, has a feature to block access to designated internet IP addresses.

     

    Two suggestions:

    • Try Netgear Smart Parental Controls (SPC).  It is annoying that Netgear has no published documentation on SPC, which would allow potential customers to research features and capabilities. (At least I haven't found anything.)  To be honest, I declined the offer of a free trial for SPC because "trial" implied, "And then there is an annual fee... forever."  Thus, I have zero personal experience with SPC and only anecdotal observations from posts on the forum from unhappy users.  (Happy users do not tend to post complaints.)
    • Consider defining Static Routes (page 149 in the User Manual). Create entries for every DNS server that you wish redirected to OpenDNS.  This article shows how to do this with a different DNS resolver.  You already have OpenDNS defined as the Orbi DNS resolver:
      https://support.smartdnsproxy.com/article/101-static-ip-routing-for-router-modem 
      The concept is that every attempt to reach a DNS server that is on your list gets redirected to the Orbi itself.

      This might prove to be an interesting contest to see which kid can find a DNS server that you have not blocked.

      There is another reason this method may fail: IPv6.  Orbi Static Routes function only with IPv4 addresses. The User Manual does not include any Orbi capability to define static routes for IPv6 addresses.
      Another tactic might be to install a firewall ahead of the Orbi router, such as pfSense and use that firewall to block access to a list of DNS servers.