Is there a way to assign a specific DNS to specific clients in the LAN ?

Options
sirivanhoe
sirivanhoe Posts: 18  Freshman Member
First Anniversary Friend Collector First Comment
edited April 2021 in Security
Hi,

behind my USG60 there's an Asuswrt-based router which is the first contact point of my inner LAN. In the Asuswrt router I had configured per-client DNS Filtering. Now as I installed also an ad-blocker, this will conflict with the DNS Filtering. Is there a way to move this per-client DNS filtering onto the ZyXEL USG ?

Accepted Solution

  • PeterUK
    PeterUK Posts: 2,709  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited February 2021 Answer ✓
    Options
    A bind DNS on another box and make the USG point at it ?
    Yes then make  views  with match-clients for ACL to forward to set DNS.

All Replies

  • PeterUK
    PeterUK Posts: 2,709  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    If I understand the title you want the USG to do DHCP to give each client a given DNS? You can't do that but want you could do is setup a bind DNS with views and ACL to have given clients to go to given DNS forwarder.


  • sirivanhoe
    sirivanhoe Posts: 18  Freshman Member
    First Anniversary Friend Collector First Comment
    Options
    Hi Peter, thanks for the feedback.
    A bind DNS on another box and make the USG point at it ?
  • PeterUK
    PeterUK Posts: 2,709  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited February 2021 Answer ✓
    Options
    A bind DNS on another box and make the USG point at it ?
    Yes then make  views  with match-clients for ACL to forward to set DNS.
  • sirivanhoe
    sirivanhoe Posts: 18  Freshman Member
    First Anniversary Friend Collector First Comment
    Options
    Thanks Peter. I should find a box to give this job to, and study a bit of bind as I recall reading it requires some consciousness in configuring it not to open some security concern. But it might be instructive on the whole. 

Security Highlight