Configuring Draytek 2710 to use OpenDNS for Family Internet Protection

Overview

I am a big fan of Draytek routers (on my 3rd - upgrades not failures) and currently use a 2710Vn. One of the main reasons I like them is their infinite configuration options, the downside to this is the documentation is minimal and confusing at best; try configuring the firewall just from the documentation - go on.....

With a young family, who are avid internet users, online safety is a priority for me. I use a couple of measures both in their devices (PCs, tablets) and provided by the Draytek router. For the last couple of years I have purchased the Web content filter license ( a.k.a DrayTek WCFB GlobalView 1-Year Web Content Filtering (Group B)) , which has worked fine, although it lacks any real feedback and has no monitoring features. I decided to look for other options this year after the license expired and stopped validating URLs. It did this silently without any notifications ! so the internet was wide open until I realised.

Having previously used OpenDNS before, and being very impressed (www.opendns.com), I decided to have another look at setting it up with the Draytek. The difficulty was updating the OpenDNS ip address for my network, which is dynamically allocated, and relied on a client side application to update the OpenDNS registry.
After an hour of fiddling and lots of internet searching I had it working, so here's how.

Configuration

The following steps describe how to configure your Draytek :

Update your Draytek DNS settings

Go to 'http://www.opendns.com' and create a personal account.  I used my existing account but don't remember it being difficult to setup.  Make a note of the DNS IP addresses (208.67.222.222 , 208.67.220.220)

Login to your Drayteks' admin page (mine is at http://192.168.1.1) and go to the LAN->General page and set the primary and secondary DNS addresses.

Your Draytek will now use the OpenDNS DNS servers to resolve all URLS, but OpenDNS doesn't know to associate your ip address your your account. To do this you can use the Dynamic DNS features of the Draytek.

OpenDNS updating service (DNS-o-matic)

Most home public IP addresses are dynamically updated by their ISP.  To update OpenDNS with our IP address we need to use another service provided by the same company DNS-O-MATIC (https://dnsomatic.com/).  This service provides a standard API and will update OpenDNS.

Go to DNS-O-MATIC (https://dnsomatic.com/) and use your OpenDNS credentials to login.
4.1 Create a service for your OpenDNS account. This is very easy as there are only a few options available.

We are now ready to join all the bits together :)

Configure Draytek to use DNS-o-matic

Go to the Dynamic DNS setup page of your Draytek (Applications->Dynamic DNS).

Click on index entry '1' to configure the Dynamic DNS.


You will obviously need to enter your username and password for your OpenDNS account. Once completed click OK, and enable the Dynamic DNS feature on the previous screen.

I found it useful to reboot my router, and devices, to flush their DNS caches before everything was working correctly.

All done.

Testing

To check that it is all connected together first click the 'Force Update on the Dynamic DNS setup page, then use the 'View Log' option to check that your router has connected to DNS-o-matic successfully.

Then log into DNS-o-matic to check that it has registered the call.  You can use the 'History' feature of your service to see the update.

If both of these are ok then everything is working as expected.

Results

Yow should now log into your OpenDNS account to configure the types of sites that you want to block.  You can also check the metrics to check that everything is working.

Conclusion

OpenDNS provides a far more comprehensive service than the Draytek Web content filter and it's FREE !!

Hope this was useful.














Comments

Popular Posts