mynetworktraining.com - In this video, I will show you how to use OpenDNS together with MikroTik to protect your network from malicious websites #opendns #mikrotik #dns
You have 2 DNS Servers under DHCP Server > Networks. The dns-nat only forwards to only 1 DNS server. Does it mean that the 2nd DNS is now useless as all dns traffic is redirected only to 1 DNS? Is it possible to redirect to either of the DNS and not only to 1 DNS?
this happened to me when i tried to set up firewall rules for some vlans, when i was enabling "use ip firewall" at bridge settings. What i did was to assign hotspot not on bridge anymore but on an ethernet interface
i still not sure about srcnat and dstnat, can you have a video about defference between each chain and action of ip firewall nat?
Wouldn't it be easier to set up separate subnet with its own DHCP pool and DNS config (for those without openDNS)?
You have 2 DNS Servers under DHCP Server > Networks. The dns-nat only forwards to only 1 DNS server. Does it mean that the 2nd DNS is now useless as all dns traffic is redirected only to 1 DNS?
Is it possible to redirect to either of the DNS and not only to 1 DNS?
correct. you can create more dst-nat rules in this case
On my Mikrotik router I don't have the DNS servers blocks to enter these addresses
And what if I have DNS FastTrack on Firewall? Does the dns-nat gets ignored by FastTrack?
based on MikroTik Wiki, IPv4 FastTrack handler supports NAT (SNAT, DNAT or both).
Works great thanks 👍 Only OpenDNS showing different IP addresses as you show in the video. Do you need to update the DNS addresses regularly?
What if ISP enforces you to use its DNS?
doesn't work with hotspot users, after applying the rules the hotspot login page doesn't appear?
this happened to me when i tried to set up firewall rules for some vlans, when i was enabling "use ip firewall" at bridge settings. What i did was to assign hotspot not on bridge anymore but on an ethernet interface
does it affect to the mobile aplicativos or only web?
all
@@MAICT it doesn't work for phones applications, already tested. No complains about https!