Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 458
  • Last Modified:

OpenDNS Server 1, Not on Server2

I have two servers. They both use the same Internet account.  (Whole network is NAT).

I setup OpenDNS on server 1 (192.168.1.1). Anyone who logs in to this domain gets 1.1 for a DNS, and they do get blocked by OpenDNS when they should. All good.

Server 2 (192.168.2.2) is not setup for OpenDNS. Yet this domain gets blocked too. Is this because we all use the same Internet link through NAT, so OpenDNS is just blocking based on the IP of the Internet link?  Clients from Server 2's domain get Server2 as a DNS, and there is no OpenDNS setting on Server 2, just Root Hints.  

I want people in Server1's domain filtered, people in Server2 should not even use OpenDNS.  Any way to do this?

Would appreciate any thoughts!
0
dougp23
Asked:
dougp23
  • 2
1 Solution
 
dlancelotCommented:
dougp23, I'm not the authority on opendns service, but I'm guessing it's resolving via your external IP address as you suspect.  Most isps here in canada provide 2 ip addresses for free (unless you have static, may want to check with your isp)...if this is the case, you can simply add a second router and connection to your domain servers 2nd lan port, or the 2nd server as it were.  then you're good to go
0
 
Darius GhassemCommented:
Well they should not get blocked only the Computers receiving the OpenDNS IP address will get filtered by design.

Make sure you don't have Forwarders setup on Second Domain.

Are you running separate domain or child domain?
0
 
dougp23Author Commented:
Server 2 is a totally separate domain!  Server 2 does have a forwarder, but it's 8.8.8.8
BOTH Domains use the same connection for Internet, so they both NAT and all outbound traffic from both domains appears to come from the same "real IP", which is why I am wondering if this is the OpenDNS doing it.

I agree with you darius, that Server 2 should not be getting filtered.  I still need to do more testing to confirm all this.
0
 
dougp23Author Commented:
Yup, had some other forwarders setup.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now