Announcement

Collapse
No announcement yet.

DNS Reply by IP, not User

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    DNS Reply by IP, not User

    is it possible to filter by incoming IP request . instead of user auth? - Looking to replace dnsfilter.com
    Tags: None
  • #2
    What's 'incoming IP request'?

    Comment

    • #3
      ClientA - IP 5.5.5.5 - NX Replies based on query coming from 5.5.5.5 - Uses Policy 1
      ClientB - IP 6.6.6.6 - NX Replies based on query coming form 6.6.6.6 - Uses Policy 2

      etc

      Comment

      • #4
        That's User Authentication. When you enable user authentication, you can associate IPs to users and you can assign policies to users. You can create users on NxFilter GUI.

        Comment

        • #5
          Originally posted by support200 View Post
          That's User Authentication. When you enable user authentication, you can associate IPs to users and you can assign policies to users. You can create users on NxFilter GUI.
          Thanks - but we're wanting to do it at a SITE level. Set DNS on our servers and firewalls .. and point all clients to use the Domain DNS (as best practices) We just want to protect ALL devices on the network. - What if a device doesn't support authentication and we want to provide DNS to it.

          Comment

          • #6
            What do you mean by 'device doesn't support authentication'? You can associate source IP or IP range to a user. Is it not what you want?

            Typically, you put NxFilter before your own DNS server.

            User -> NxFilter -> Resolving DNS

            Then NxFilter can see your user IP and you can implement all the authentication method it provides including single sign-on with Active Directory.

            Comment

            • #7
              Originally posted by support200 View Post

              Typically, you put NxFilter before your own DNS server.
              Never do you look outside of your Domains DNS first. DNS forwarding on Domain/DNS should look to your External DNS servers.

              Your instructions still require a user. I just want to forward DNS queries from Clients Servers to NXFilter, it sees inbound IP and applies proper policy. I guess we could add a user for the site. It would be nice if we could do the same options but at a Site Level - like DNSFilter.com does.

              Comment

              • #8
                You still need an agent for that. We have NxRelay and NxProxy. https://tutorial.nxfilter.org/d-nxre...le-network.php

                Is it about building a cloud based DNS filter service? Then try NxRelay.

                If you are not dealing with multiple sites, it's better to run NxFilter inside a network though.

                Comment

                • #9
                  Thanks. We'll look at Relay. We have about 600 sites currently using dnsfilter.com

                  Comment

                  • #10
                    We have a cloud filtering service provider as a customer. They run several NxCloud servers and more than 200 NxRelay.

                    Comment

                    Previous template Next
                    Working...
                    X