NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ORBI RBR40 Block DNS Bypass
Would like to block direct access to external DNS servers -- requiring all users on my home network to flow DNS through the Orbi router. Found the Advanced option to block Services, and tried blocking access to "DNS" for all hosts except the router itself (i.e. starting at ".2" and ending at ".254"). But that also prevents access to the router's own DNS service. That doesn't seem right, as the Block Service help screen says it blocks access out to the internet only. Also found this page (https://community.netgear.com/t5/Orbi/Preventing-circumvention-of-OpenDNS/m-p/1300593) where someone described the same thing I tried as if it works. If it worked for them, then what did I do wrong? Can anyone suggest something I might have done wrong? Or, can I not use this feature to do what I'm trying to do?
10 Replies
I would contact OrbiPhilip via PM and have help help you...If what he mentioned in that linked post doesn't work for you...
I am not running it now (v2.1.4.16), but I was at the time. I set my block range equal to my DHCP scope, which was x.x.x.100-200.
I am not running it now (v2.1.4.16), but I was at the time. I set my block range equal to my DHCP scope.
P.S. This message editor is awful- I tried again. Used a narrower block range, encompassing just my DHCP scope. Still no bueno -- it blocks *all* DNS access, including requests sent to the router's IP address. I only want to block requests being sent out to the internet. But since there's nowhere to specify which *DESTINATION* IP range I want to block (or which destination IP's I don't want to block) this doesn't appear to be an option. @Netgear: please make the service blocking smart enough not to block services that the router is providing...
Has anyone found a way around this yet? Blocking Services prevents devices from even communicating with the router over port 53.
Have you tried the methods mentioned in this thread?
Might ask OrbiPhilip for more help.
thorax wrote:
Has anyone found a way around this yet? Blocking Services prevents devices from even communicating with the router over port 53.
Sorry, I assumed that would be clear. Yes, I have. It blocks *all* DNS requests, just as was stated up thread.
