Accept DNS Configuration = Disabled


Occasional Visitor
Running Merlin 386.7 on RT-AC86U.

Using multiple VPN providers and I always disable accepting DNS which preforms as instructed except with Windscribe. I always find their servers part of my DNS lists when I do a DNS test.

Any reason why the "Disabled" prompt isn't working with this specific VPN provider ? How do I fix it and ensure I don't use any of their DNS ?

To be clear, I noticed this in the previous Merlin as well. It's not something that I recently noticed after upgrading to 386.7.

Thank you



Part of the Furniture
Have you asked Windscribe if they are hardcoding this on their end?


Part of the Furniture
What does my DNS monitoring utility report as the active DNS servers?



Asuswrt-Merlin dev
Maybe that VPN provider redirects your port 53 traffic to their own server. Check with them if that`s the case.


Part of the Furniture
How can I prevent any VPN from directing port 53 traffic ?

You can't. NOT if the redirection is occurring at the VPN provider.

IOW, nothing stops your VPN provider (or ISP) from redirecting any traditional DNS over udp/tcp port 53 (Do53) (e.g., once it leaves your router. It's out of your hands.

The only way to prevent hijacking/redirection by either your ISP or the VPN provider is to use secure, encrypted DNS (e.g., DoT, such as that found on the WAN). Now it doesn't even matter if your DNS is routed over the WAN, let alone the VPN, since it can't be manipulated.

BTW, the reason I asked you to try the DNS monitor was to confirm that in fact you were NOT somehow still configured w/ the VPN providers own DNS servers, despite having configured Accept DNS configuration as Disabled. If somehow that happened, then at least you could fix it, before the DNS traffic left the router. Without that information, we're just *assuming* the configuration is correct.

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!