I found your post on this before, but it didn’t work. I think I’m missing a part of the puzzle. I clicked the question mark off to the right that’s not visible in your image, it says,
When this option is enabled, all outgoing DNS lookups will be intercepted and redirected to the built-in DNS name server.
If any LAN device is using DNS name servers of a WAN connection, you may want to enable this option to enhance the DNS availability without modifying the DNS server setting of the clients. The built-in DNS name server will distribute DNS lookups to corresponding DNS servers of all available WAN connections. In this case, DNS service will not be interrupted even if any WAN connection is down.
So from here, can you walk me through what else I need to configure? If it’s helpful, I can explain what I’ve tried and provide screenshots as well.
There are two flavors of DNS, old insecure and new secure. Thus there are two answers to your question. The previous answers were about old DNS.
New DNS can be configured using the DNS over HTTPS feature. This will send all old DNS requests to the specified server.
That said, any web browser configured to use secure DNS will use it and bypass any settings in the router. Then too, a device running a VPN should also bypass DNS settings in the router.
So, there is really no way to direct all DNS requests anywhere.
This actually bypasses (I understand by design) the setting for Network > WAN > DNS over HTTPS which kills my goal in this case.
On that note, I think @Michael234 is right. For example, I’m running AdGuard on my Mac, so I manually changed my DNS to a DoH server and it bypasses the Pepwave setting. I was hoping to force, in all cases, network users to use the Pepwave DNS server settings.
I’m starting to think that’s not possible unless you have admin rights over the network devices in question. Then you can prevent software installation or hard-set DNS there.
If there’s another way, I’d love to know. Thanks folks!
When old DNS was the only DNS, a Peplink router could force all attached devices to use the DNS servers it wanted them to use. All that was needed was the DNS forwarding option that Martin pointed out already.
However, new secure/encrypted DNS changes things and I don’t know that Peplink has yet modified everything that needs to be modified to reflect the usage of new DNS.
For example, on a B20x running firmware 8.2, the Dashboard has a section for Ethernet WAN showing the IP address and a "Details … " link. Clicking the link shows nothing but old DNS information, even on a device configured to use new DNS.
Have the settings in the DNS Resolvers section that you screen shot in your last response been updated to understand new DNS? I don’t know. After all, Peplink still has not revised the Dashboard after all.
My experience has been that when configured to use new DNS (DNS over HTTPS to be specific) that this trumps all. That said, I have not used the DNS Resolvers section.
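To see which LAN clients fall outside a port-53 redirect like the DNS forwarding option discussed in this thread, here is an added example (not part of any post above and not Peplink code) that classifies outbound flow records. The record format, the LAN range and the short resolver list are assumptions, and the sample flows are constructed.

```python
import ipaddress

# Small illustrative sample of public resolver addresses (assumption: not a complete list).
KNOWN_ENCRYPTED_DNS = {
    "1.1.1.1": "Cloudflare", "1.0.0.1": "Cloudflare",
    "8.8.8.8": "Google", "8.8.4.4": "Google",
    "9.9.9.9": "Quad9", "94.140.14.14": "AdGuard DNS",
}
LAN = ipaddress.ip_network("192.168.50.0/24")  # assumed LAN range

def classify(flow):
    """Return a label for one outbound flow record (a dict, hypothetical format)."""
    dst, proto, port = flow["dst"], flow["proto"], flow["dport"]
    if ipaddress.ip_address(dst) in LAN:
        return "local"
    if port == 53 and proto in ("udp", "tcp"):
        return "plain-dns"      # the only traffic a port-53 redirect can intercept
    if port == 853 and proto == "tcp":
        return "dot"            # DNS over TLS: dedicated port, easy to spot
    if port == 443 and dst in KNOWN_ENCRYPTED_DNS:
        return "doh-known"      # DoH to a listed resolver
    if port == 443:
        return "https-opaque"   # may be DoH to an unlisted server; cannot tell
    return "other"

def bypassing_clients(flows):
    """Map each client to the encrypted-DNS labels seen from it."""
    hits = {}
    for f in flows:
        label = classify(f)
        if label in ("dot", "doh-known"):
            hits.setdefault(f["src"], set()).add(label)
    return hits

# Constructed sample flows (not captured from a real network).
SAMPLE_FLOWS = [
    {"src": "192.168.50.10", "dst": "8.8.8.8", "proto": "udp", "dport": 53},
    {"src": "192.168.50.11", "dst": "94.140.14.14", "proto": "tcp", "dport": 443},
    {"src": "192.168.50.12", "dst": "1.1.1.1", "proto": "tcp", "dport": 853},
    {"src": "192.168.50.13", "dst": "203.0.113.7", "proto": "tcp", "dport": 443},
    {"src": "192.168.50.10", "dst": "192.168.50.1", "proto": "udp", "dport": 53},
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f["src"], "->", f["dst"], f["dport"], classify(f))
    print(bypassing_clients(SAMPLE_FLOWS))
```

The `https-opaque` label is the limit the thread arrives at: DoH to a server that is not on a list looks like any other HTTPS connection from the router's side.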