4. Multiple VLANs with different DNS for each VLAN

Multiple VLANs with different DNS for each VLAN

  • N

    Objective: Two separate networks (VLAN, wifi SSIDs) - one unrestricted, one for kids.

    Restriction summary: Time, MAC address, DNS resolution

    Equipment & tech: pfSense, UniFi, Ubiquiti wifi access point, OpenDNS

    The two VLANs are configured through to the wifi access points. pfSense is configured with two networks via two interfaces: Unrestricted interface, kids interface. Both are also on different subnets and have different DHCP configurations.

    Devices getting IP addresses from the kids' DHCP get configured with DNS addresses from OpenDNS. Devices querying the unrestricted DHCP get DNS from a local BIND server.

    I am at the end of my expertise on how to set up pfSense to forward DNS requests from the kids' network to OpenDNS while allowing requests from the unrestricted network to go to Google DNS. For the kids' network, I must also block DNS requests made to alternate servers.

    I appreciate any help you provide.

    0
  • LAYER 8 Global Moderator

    In the dhcp server hand out what ever dns you want the dhcp clients to use.  On the firewall rules for that vlan only allow dns to what your handing out. Block all other dns.

    Remember rules are evaluated top down, first rule to trigger wins no other rules are evaluated.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy