Solved

How to change DNS on cisco router so can use OPENDNS?

Posted on 2011-03-21
10
1,278 Views
Last Modified: 2012-05-11
My end goal is to use OpenDns so that I can easily block some websites in our company.  Problem has been where do I change the DNS. First I did via DHCP server which worked for internet purpose but caused problem in local network...wasn't resolving names.

So I was advisted that it should be changed on T1 router..which is a cisco router. I googled for commands and cannot seem to find proper command to find the setup nor change it for DNS.

Any help is appreciated.
0
Comment
Question by:ETdude
10 Comments
 
LVL 18

Expert Comment

by:jmeggers
ID: 35184549
I'm not clear -- are you trying to change the DNS address handed out through DHCP?
0
 

Author Comment

by:ETdude
ID: 35184611
am trying to change the dns server that the T1 router goes to for resolving...instead of going to the ISP DNS server it should go to the one supplied by the OPENDNS company.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 35185654
Look for something like this near the top of the config
 ip name-server x.y.z.a

You may not have anything specified, because this is only used by the router itself. For instance, at the command line you want to ping www.google.com
router#ping www.google.com
It will resolve it first, then ping it.
For anything originating on the user LAN, the router will never do a lookup.
You need to change the dns name-server IP addresses in your DHCP scope, not the router.



0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:ETdude
ID: 35194035
My original thought and action was just that...to change the DNS lookup with the DHCP scope so all clients use the internet company OPENDNS DNS address and not our internal DNS address but then internal resources weren't connecting via their name.

Then I contacted OPENDNS and they said to do it on the router.

So I am going in circles and need to find a conclusive solution.
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 35198718
On your DHCP server point your clients to an internal DNS server.
If you have Active Directory integrated DNS, set your DNS servers to these in DHCP.

Then, go to your internal DNS server and configure forwarders to point to the OpenDNS servers.
0
 

Author Comment

by:ETdude
ID: 35200876
Currently our clients do point to our internal DNS server via our DHCP pushes.

Our Cisco FIrewall is our DHCP server and our DNS server is on a Windows 2003 server.

HOw would I know if the Active Directory is integrated with DNS? I didn't set all this up here?

By configuring forwarders to point to the OpenDNS servers will that ensure control of DNS for clients is being managed by OpenDNS?
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 35202198
If you make clients use your internal DNS you will have control over what they can resolve internally.  Configuring your internal DNS to forward unresolved requests to OpenDNS means that clients can still resolve internal names whilst OpenDNS resolves external hostnames.

This will enable you to configure your internet policies at OpenDNS whilst still allowing clients to use internal LAN resources.

I would configure the 2003 server as your DHCP server as well as your DNS server.  If the server already has DNS and active directory it will be integrated already.
0
 

Author Comment

by:ETdude
ID: 35210808
Ok...I think I understand now that I have to setup the OpenDNS on the windows 2003 server that is our DNS server.

The clients will have this windows server as their DNS server.

Now the question that needs clarification is do I simply go to the TCP \ IP properties on this server and change it's DNS to point to OpenDNS or is there something I have to do on the DNS setup or both?
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 250 total points
ID: 35211813
On the client NIC point it to the server for DNS.

On the server NIC point it to its own IP address for DNS.

In DNS Management on the server, right-click on the name of the server and select properties then go to Forwarders.
Enter the IP addresses of the OpenDNS servers here.

That's it!
0
 

Author Comment

by:ETdude
ID: 35219080
Excellent. Your instructions were clear and it worked finally !!!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Claiming a Domain Name 7 52
ASA5510 Blocking a Wanted Website/Host 9 25
svi stops eigrp advertisement 13 32
Replication problems 6 21
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question