Solved

How to change DNS on cisco router so can use OPENDNS?

Posted on 2011-03-21
10
1,282 Views
Last Modified: 2012-05-11
My end goal is to use OpenDns so that I can easily block some websites in our company.  Problem has been where do I change the DNS. First I did via DHCP server which worked for internet purpose but caused problem in local network...wasn't resolving names.

So I was advisted that it should be changed on T1 router..which is a cisco router. I googled for commands and cannot seem to find proper command to find the setup nor change it for DNS.

Any help is appreciated.
0
Comment
Question by:ETdude
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 18

Expert Comment

by:jmeggers
ID: 35184549
I'm not clear -- are you trying to change the DNS address handed out through DHCP?
0
 

Author Comment

by:ETdude
ID: 35184611
am trying to change the dns server that the T1 router goes to for resolving...instead of going to the ISP DNS server it should go to the one supplied by the OPENDNS company.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 35185654
Look for something like this near the top of the config
 ip name-server x.y.z.a

You may not have anything specified, because this is only used by the router itself. For instance, at the command line you want to ping www.google.com
router#ping www.google.com
It will resolve it first, then ping it.
For anything originating on the user LAN, the router will never do a lookup.
You need to change the dns name-server IP addresses in your DHCP scope, not the router.



0
Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

 

Author Comment

by:ETdude
ID: 35194035
My original thought and action was just that...to change the DNS lookup with the DHCP scope so all clients use the internet company OPENDNS DNS address and not our internal DNS address but then internal resources weren't connecting via their name.

Then I contacted OPENDNS and they said to do it on the router.

So I am going in circles and need to find a conclusive solution.
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 35198718
On your DHCP server point your clients to an internal DNS server.
If you have Active Directory integrated DNS, set your DNS servers to these in DHCP.

Then, go to your internal DNS server and configure forwarders to point to the OpenDNS servers.
0
 

Author Comment

by:ETdude
ID: 35200876
Currently our clients do point to our internal DNS server via our DHCP pushes.

Our Cisco FIrewall is our DHCP server and our DNS server is on a Windows 2003 server.

HOw would I know if the Active Directory is integrated with DNS? I didn't set all this up here?

By configuring forwarders to point to the OpenDNS servers will that ensure control of DNS for clients is being managed by OpenDNS?
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 35202198
If you make clients use your internal DNS you will have control over what they can resolve internally.  Configuring your internal DNS to forward unresolved requests to OpenDNS means that clients can still resolve internal names whilst OpenDNS resolves external hostnames.

This will enable you to configure your internet policies at OpenDNS whilst still allowing clients to use internal LAN resources.

I would configure the 2003 server as your DHCP server as well as your DNS server.  If the server already has DNS and active directory it will be integrated already.
0
 

Author Comment

by:ETdude
ID: 35210808
Ok...I think I understand now that I have to setup the OpenDNS on the windows 2003 server that is our DNS server.

The clients will have this windows server as their DNS server.

Now the question that needs clarification is do I simply go to the TCP \ IP properties on this server and change it's DNS to point to OpenDNS or is there something I have to do on the DNS setup or both?
0
 
LVL 46

Accepted Solution

by:
Craig Beck earned 250 total points
ID: 35211813
On the client NIC point it to the server for DNS.

On the server NIC point it to its own IP address for DNS.

In DNS Management on the server, right-click on the name of the server and select properties then go to Forwarders.
Enter the IP addresses of the OpenDNS servers here.

That's it!
0
 

Author Comment

by:ETdude
ID: 35219080
Excellent. Your instructions were clear and it worked finally !!!
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question