Setting Up DNSFilter
You're about to, or already have signed up for a 14-day free trial and want to get started right away.
Start by logging in or signing up for a trial on our App Dashboard login page.
Upon first login, you will be automatically placed in the Deployments -> Sites section.
Add a friendly Name and Physical Address for your first location and click Save.
The IP Information field will then appear.
Use the Fill Current IP button to add the IP address of your current network, or specify the IP address(es) of your desired network and click Save.
Here's a video which outlines this process:
We recommend testing with a single computer to ensure basic DNS resolution is possible before applying this change network-wide.
Make sure the public IP address of your network is added in our Dashboard as mentioned in the previous step, and that the DNSFilter IPs are the only configured DNS servers.
(Go for it!)
After changing your DNS servers, your computer's DNS cache will be reset, and you should visit several webpages to ensure DNS resolution is working. If you are seeing a DNSFilter error page, see here.
Within moments of pointing DNS to DNSFilter, the Reports section of the App Dashboard will start populating and displaying your DNS data.
Now that you've confirmed you're using DNSFilter, explore Content Filtering and Threat Protection.
A great test is to add a test domain to the Blacklist and confirm it's being blocked. If you've recently visited a website you are attempting to Blacklist; clear your browser or system cache first!
Changes made in the Dashboard are instantaneous.
Questions about your results? Don't hesitate to reach out to Support!
Deployment and Next Steps
Once you've performed testing and you're ready to switch your network's DNS to DNSFilter by adjusting your DNS forwarder, DHCP, or other network appliance's settings.
If you will utilize unpopular content filtering policies among your users, we recommend creating a firewall rule that redirects any outbound DNS traffic to your local DNS forwarder IPs or directly to DNSFilter, depending on your local DNS configuration. This way, users cannot utilize other DNS servers to circumvent content filtering. We also recommend allowing at least one machine to be able to contact the DNSFilter servers directly (if using DNS forwarders) for troubleshooting purposes.
Interested in multiple filtering policies on the same network?
Refer to our Multiple Policies with NAT IPs article.
Questions? Concerns? Comments?
Reach out to Support!
More great articles in our Help KB.
If you attempt to go to a webpage after changing DNS to DNSFilter, and see the following DNSFilter error page...
...open a Terminal or Command Prompt and perform the following DNS lookup to verify the IP address that sends DNS on your network using the following nslookup command:
nslookup myip.dnsfilter.com 18.104.22.168
If the IP address returned here is different than the IP address you originally entered, replace it with this one.
If there is no IP address (NXDOMAIN), DNS on your network or ISP is more than likely being transparently proxied. More about transparent DNS proxies and DNSFilter.
If you're still receiving error pages after replacing the original IP with this one, reach out to Support for assistance.