DNS Filter is a feature to filter the websites by examining the DNS queries. In CSM >> DNS Filter page, there are two parts of the settings, which are DNS Filter Profile and DNS Filter Local Setting (as the following image shows). We only need to use one of them to make DNS filter work, and the choice depends on what DNS server is the client using.
If LAN client is using an external DNS server, which means the DNS queries are sent to WAN, then we should create DNS Filter Profile and use it in Firewall rules.
You may check the DNS server of a network adapter by the command
ipconfig/all. Below is an example when LAN client is using an external DNS server.
If LAN client is using the router as DNS server, which means the DNS queries are sent to the router itself, then we should use DNS Filter Local Setting instead. DNS Filter Local Setting checks the DNS queries that destined to the router, but it does not filter the source IP. Therefore, note that once DNS Filter Local Setting is enabled, it will apply to all the LAN clients who use the router as DNS server.
Vigor routers also support Blacklist/Whitelist on Local DNS Filter to specify firewall for different users.
Below is an example result of
ipconfig/all command when LAN client is using the router as DNS server.
Was this helpful?