DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
DNS Filter and CSM Headache
- tdk1964
- Topic Author
- Offline
- New Member
-
14 Oct 2014 13:47 #81407
by tdk1964
DNS Filter and CSM Headache was created by tdk1964
I've been trying for a week now to configure my 2860n+ and so far have completely failed to get it working properly. I'm beginning to think this router is seriously flawed. All I’m trying to do is block gambling sites (http and https) and other inappropriate content.
What I am trying to do is relatively simple, or so I thought. Here’s what I’ve done so far.
I have bound all devices using MAC IP Binding.
DHCP Address leases range 192.168.1.100 - 200
IP Ranges defined
Servers and media devices: 192.168.1.10 - 49
My Devices: 192.168.1.50 - 59
Other Devices: 192.168.1.60 - 69
Kids Devices: 192.168.1.70 - 79
Web Content Filters (paid for subscription)
BlockAll - All groups are blocked
Servers - Pass All
MyDevices - Pass All
OtherDevices - Blocking news and
KidsDevices - Blocking news and
DNS Filter
Enable: True
Service: WCF-4 OtherDevices
Firewall Filters in Set 2 (Default Data Filter)
xNetBios -> DNS
Block All
IP Source: Any
Action: Block if no further match
Web Content Filter: BlockAll
Servers
IP Source: 192.168.1.10~192.168.1.49
Action: Pass if no further match
Web Content Filter: None
My Devices
IP Source: 192.168.1.50~192.168.1.59
Action: Pass if no further match
Web Content Filter: None
Other Devices
IP Source: 192.168.1.60~192.168.1.69
Action: Pass if no further match
Web Content Filter: OtherDevices
Kids Devices
IP Source: 192.168.1.70~192.168.1.79
Action: Pass if no further match
Web Content Filter: KidsDevices
Test Results
To test I used 2 siteshttp://www.bbc.co.uk and https://www.bingogodz.com
From Servers Group
bbc - blocked - wrong!
bingogodz - failed to block - why?
From MyDevices
bbc - blocked - wrong!
bingogodz - failed to block - why?
From OtherDevices
bbc - blocked but now message as to why
bingogodz - not blocked - should have been blocked
I can only assume the Draytek is not u pto the job
What I am trying to do is relatively simple, or so I thought. Here’s what I’ve done so far.
I have bound all devices using MAC IP Binding.
DHCP Address leases range 192.168.1.100 - 200
IP Ranges defined
Servers and media devices: 192.168.1.10 - 49
My Devices: 192.168.1.50 - 59
Other Devices: 192.168.1.60 - 69
Kids Devices: 192.168.1.70 - 79
Web Content Filters (paid for subscription)
BlockAll - All groups are blocked
Servers - Pass All
MyDevices - Pass All
OtherDevices - Blocking news and
KidsDevices - Blocking news and
DNS Filter
Enable: True
Service: WCF-4 OtherDevices
Firewall Filters in Set 2 (Default Data Filter)
xNetBios -> DNS
Block All
IP Source: Any
Action: Block if no further match
Web Content Filter: BlockAll
Servers
IP Source: 192.168.1.10~192.168.1.49
Action: Pass if no further match
Web Content Filter: None
My Devices
IP Source: 192.168.1.50~192.168.1.59
Action: Pass if no further match
Web Content Filter: None
Other Devices
IP Source: 192.168.1.60~192.168.1.69
Action: Pass if no further match
Web Content Filter: OtherDevices
Kids Devices
IP Source: 192.168.1.70~192.168.1.79
Action: Pass if no further match
Web Content Filter: KidsDevices
Test Results
To test I used 2 sites
From Servers Group
bbc - blocked - wrong!
bingogodz - failed to block - why?
From MyDevices
bbc - blocked - wrong!
bingogodz - failed to block - why?
From OtherDevices
bbc - blocked but now message as to why
bingogodz - not blocked - should have been blocked
I can only assume the Draytek is not u pto the job
Please Log in or Create an account to join the conversation.
- sicon
- Offline
- Contributor
-
Moderators: Chris