How to direct Unifi VLAN traffic to OpenDNS
In this tutorial you will be shown how to direct UniFi VLAN traffic to OpenDNS. Many companies love using OpenDNS due to it ease of use but sometimes it can be tricky to deploy on UniFi since the GUI keeps changing. This tutorial guides you through Unifi Controller Version 6.1.71.
OpenDNS is a Internet security company based in San Francisco that provides easy-to-implement Internet navigation and Web security solutions for families, schools, governmental organizations and businesses of all sizes. The services provided by OpenDNS increase the speed of navigating websites and prevent unintended access to phishing and malware sites as well as to any Web content that you configure to be restricted.
Lets Get Started
In this tutorial I will be using a UniFi UDM Pro on Controller Version 6.1.71. Please update your controller as needed as some times may vary if your not up to date. I will be guiding you from creating a VLAN up to assigning DNS.
- Log into your Unifi UDM Pro Controller.
- Click on the Settings icon.
- Click On Networks.
- Afterwards click on Add New Network.
- Here you want to make sure Enable Network is enabled and make sure to name your network. Personally I like naming the network the VLAN ID that I will be assigned it.
- Scroll down a few and locate the Advanced Drop down and click it. You should be presented with the field to type in your VLAN ID.
- Next, scroll down and locate DHCP Name Server. Click the drop down and change Auto to Manual.
- Now you can enter OpenDNS IP addresses.
- Finally click Add Network to save your network.
- Now make sure you add the UDM PRO’s WAN ip address to OpenDNS portal.
- Log into OpenDNS. Click : Customer Management> Choose Customer> Deployments> Networks. In this section add your clients WAN IP address assigned to your UDM PRO.
Thanks for the tutorial; all of the Unifi ones I see on here have been very helpful 🙂
One question I have though – I have enabled the DNS server for the Home and Guest VLANs in my network setup in my home; I was just wondering if I need to do the same for my IoT VLAN too, and, if so, why?
OK two questions – What is “DHCP Guarding” in the settings, and is it advisable to enable for my residential network setup?
IOT devices can contain vulnerabilities many are not updated properly with security patches; it can be a vector for intrusion into your network.
DHCP Guarding is used to protect your network from GHOST DHCP servers , malicious like DHCP servers, from affected devices or if some random person puts a router on the network instead of switch.