anaknipedro
Occasional Visitor
I have an ax86u with 388.1. I’m using DNS director to force DNS requests through CleanBrowsing.org with “global filter mode” set to “Router”. It works amazingly as a content filter for the family. I’m now wanting to add a Wireguard VPN server to my router so the family can have a safe way to connect to our home network. My concern is that the Wireguard iOS app allows for the network DNS settings to be bypassed. Any user can enter another DNS (e.g. cloudflare’s 1.1.1.1) and there is no longer any filtering.
Now, to get the benefits of CleanBrowsing.org when away from home, I also have a DNS configuration profile on each child’s phone forcing requests through CleanBrowsing.org via DoH. Unfortunately, the Wireguard VPN app doesn’t inherit the DNS from this profile. It either inherits it from the VPN server on the router, or allows for you to enter another DNS.
1. Is there a way to force all DNS requests from VPN clients to follow the DNS director rules?
2. What does the “permit DNS” setting on the Wireguard settings do?
Now, to get the benefits of CleanBrowsing.org when away from home, I also have a DNS configuration profile on each child’s phone forcing requests through CleanBrowsing.org via DoH. Unfortunately, the Wireguard VPN app doesn’t inherit the DNS from this profile. It either inherits it from the VPN server on the router, or allows for you to enter another DNS.
1. Is there a way to force all DNS requests from VPN clients to follow the DNS director rules?
2. What does the “permit DNS” setting on the Wireguard settings do?
