US English (US)
FR French
DE German
ES Spanish
IT Italian
NL Dutch
JP Japanese

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

  • Contact Us
English (US)
US English (US)
FR French
DE German
ES Spanish
IT Italian
NL Dutch
JP Japanese
  • Home
  • CyberFOX DNS Filtering
  • Company and Location Setup

Configure DNS for Locations

Learn how to configure your DNS settings to point to CyberFOX DNS for faster, more secure internet browsing.

Written by Owen Parry

Updated at August 5th, 2025

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

  • AutoElevate Knowledgebase
    New to AutoElevate? START HERE General & Troubleshooting Managing Rules Integrations Announcements FAQ Sales & Marketing How to Videos
  • Password Boss Knowledgebase
    Using Password Boss Business Administration Password Boss Partner Documents
  • CyberFOX DNS Filtering
    Getting Started Filtering Policies Company and Location Setup Roaming Clients Reporting and Logging
  • Marketing Toolkit
    MSP Marketing & Education Toolkit
  • Changelogs for Autoelevate and Password Boss
  • Current Status
+ More

Table of Contents

Important Configuration Guidelines Avoid Mixing DNS Providers Do Not Assign DNS Directly to Client Devices Configuring CyberFOX DNS on a Router How It Works Configuration Notes Configure the DHCP Server How It Works Configuration Tips Firewall Example: Generic Firewall Rule Important Considerations Firewall & Router DNS Configuration Guides Microsoft Entra Domain Services What This Command Does

This article outlines some of the most common and effective ways to configure your network to use CyberFOX DNS Filtering. Whether you manage a small office, a school, or a larger enterprise environment, these methods are designed to help you enforce safe and reliable DNS resolution across your entire network.

CyberFOX DNS Filtering works by intercepting DNS queries and blocking access to malicious, inappropriate, or unwanted content before it reaches your users. By configuring your network to forward DNS traffic to CyberFOX’s secure servers, you gain centralized control over internet access and enhance your network’s protection against online threats.

The configuration method you choose will depend on your network’s size, structure, and existing hardware. This guide provides practical examples and best practices for setting up DNS forwarding at the router, firewall, or DHCP server level, ensuring that all devices on your network benefit from CyberFOX’s filtering capabilities.

 

Important Configuration Guidelines


Avoid Mixing DNS Providers

  • Many devices use round-robin DNS resolution, meaning they alternate between listed DNS servers.
  • If you include non-CyberFOX DNS servers, some queries may bypass filtering.
  • Only use CyberFOX DNS servers in your configuration:
    • 34.196.202.175
    • 54.80.208.248

Do Not Assign DNS Directly to Client Devices

  • Assigning CyberFOX DNS IPs directly to endpoints can break access to local resources (e.g., printers, file servers, internal domains).
  • Instead, configure DNS forwarding at the router, firewall, or DHCP server level.
  • This ensures:
    • Proper resolution of local hostnames.
    • Centralized control and consistent filtering.

 

Configuring CyberFOX DNS on a Router


Setting CyberFOX DNS IPs directly on your router is a simple and effective way to enforce DNS filtering in smaller environments, such as:

  • Home or small office networks
  • Personal use
  • Locations without local user authentication

In this setup, the router acts as a DNS forwarder. All DNS queries from connected devices are sent to the router, which then forwards them to CyberFOX’s DNS servers for resolution.

How It Works

  • Devices on your network send DNS requests to the router.
  • The router forwards those requests to:
    • Primary DNS: 34.196.202.175
    • Secondary DNS: 54.80.208.248

Configuration Notes

  • The exact steps to update DNS settings vary by router brand and model.
  • Typically, you’ll find DNS settings under sections like:
    • Network Settings
    • Internet Settings
    • LAN/DHCP Settings

Tip: After updating the DNS settings, reboot the router and connected devices to ensure the new configuration takes effect.

 

 

Configure the DHCP Server


Using your DHCP server to assign CyberFOX DNS IPs is a flexible and scalable way to enforce filtering across your network, especially when using NAT IPs to apply different filtering policies to different subnets.

This method is ideal for environments such as:

  • Public or guest Wi-Fi networks
  • Networks without local resources (e.g., no printers, file servers, or internal domains)
  • Networks using NAT IPs to apply multiple filtering policies

How It Works

When you configure DNS forwarding through the DHCP server:

  • Devices automatically receive CyberFOX DNS IPs when they connect to the network.
  • All DNS queries from those devices are sent directly to:
    • Primary DNS: 34.196.202.175
    • Secondary DNS: 54.80.208.248

Note: This setup bypasses local DNS resolution. Devices will not be able to resolve local hostnames (e.g., Server1, Finance-Printer). This is usually acceptable on guest networks or in environments without internal services.

If you have local hostnames that need to be resolved at a location, use a Domain Override to add an IP forwarder.  

 

 

Configuration Tips

  • DHCP configuration steps vary by manufacturer. Refer to your device’s documentation for instructions on setting custom DNS servers.
  • On many routers, this setting is found under the DHCP Server or LAN Settings section.
  • Be sure not to mix DNS providers—only use CyberFOX DNS IPs to ensure consistent filtering.

 

Firewall 


To ensure all DNS traffic on your network is filtered through CyberFOX DNS, you can configure your firewall to redirect all DNS queries, even if users attempt to bypass filtering by changing their DNS settings.

This setup is especially useful in environments such as:

  • School or educational networks
  • Networks with ISP-level transparent DNS proxies
  • Offices or public spaces where users can modify DNS settings

The objective is to force all DNS traffic (TCP/UDP on port 53) to go through CyberFOX DNS servers, regardless of the DNS settings on individual devices. To do this, you’ll need to create a NAT (Network Address Translation) or port forwarding rule on your firewall to redirect all DNS traffic to the CyberFOX DNS IPs:

  • Primary DNS: 34.196.202.175
  • Secondary DNS: 54.80.208.248

Example: Generic Firewall Rule

Create two NAT or port-forwarding rules—one for each DNS server.

Setting Value
Interface LAN (or internal network interface)
Protocol TCP/UDP
Source Internal network (e.g., 192.168.1.0/24)
Source Port Any
Destination Any
Destination Port 53
Redirect Target IP 34.196.202.175 (first rule), 54.80.208.248 (second rule)
Redirect Target Port 53
Description Redirect DNS to CyberFOX DNS
Rule Settings

Tip: You can load balance or prioritize one DNS server over the other depending on your firewall’s capabilities.

 

 

Important Considerations

  • Packet Size: DNS packets can exceed the traditional 512-byte limit. Ensure your firewall allows DNS packets up to 4096 bytes to avoid resolution issues.
  • Transparent Proxies: If your ISP uses a transparent DNS proxy (e.g., forwarding to ports 5353 or 5354), this configuration helps override that behavior.
  • DHCP Settings: Optionally, configure your DHCP server to hand out CyberFOX DNS IPs to clients for consistency.

 

Firewall & Router DNS Configuration Guides


The DNS configuration guides provided below represent just a selection of the many available resources for setting up DNS on various firewall and router platforms. Each manufacturer may offer different interfaces, features, and firmware versions that can affect how DNS settings are configured. Therefore, it's always best to consult the official documentation or support channels of your specific device manufacturer to ensure you're following the most accurate and up-to-date procedures tailored to your hardware and software version.

Cisco

  • Configure DNS on Cisco Routers

Juniper Networks

  • Configure DNS in Junos OS
  • SRX DNS Setup Guide

Fortinet

  • FortiGate DNS Server Configuration

Palo Alto Networks

  • DNS Server Profile Configuration
  • DNS Proxy Setup

Netgear

  • Set Static DNS on NETGEAR Router

Linksys

  • Configure DNS on Linksys Mesh Systems

TP-Link

  • Change DNS Servers on TP-Link Routers

SonicWall

  • DNS Proxy Configuration in SonicOS
  • Basic DNS Settings Guide

WatchGuard

  • Configure DNS and WINS Servers
  • DNS Settings for Cloud-Managed Fireboxes

 

Microsoft Entra Domain Services


Microsoft Entra Domain Services (formerly Azure AD Domain Services) supports DNS management through conditional forwarders, allowing organizations to direct DNS queries for specific domains to external DNS providers, such as CyberFOX DNS Filter. This is particularly useful for leveraging CyberFOX’s DNS filtering and threat protection capabilities. Since server-level forwarders and root hints are not supported in Entra Domain Services, administrators must use a Windows Server VM joined to the managed domain to configure DNS settings using the DNS Manager or PowerShell.

To begin, ensure you have:

  • A Windows Server VM is joined to the Entra Domain Services domain.
  • DNS Server Tools installed (RSAT-DNS-Server).
  • Membership in the AAD DC Administrators group.

Follow Microsoft's documentation to Manage DNS for Microsoft Entra Domain Services and set conditional forwarders or configure DNS forwarding by logging onto the Domain Controllers and issuing the PowerShell command below to replace the forwarders with the CyberFOX IPs. 

View Existing Conditional Forwarders

Get-DnsServerZone | Where-Object {$_.ZoneType -eq "Forwarder"}

Set Global Forwarders (if managing a standalone DNS server)

Note: Not supported directly in Entra Domain Services, but useful in hybrid setups and standalone DNS servers.

Set-DnsServerForwarder -IPAddress "203.0.113.10","203.0.113.11" -UseRootHint $False -PassThru

What This Command Does

This command forwards all DNS queries that the local DNS server cannot resolve (i.e., anything not in its local zones) to the CyberFOX DNS servers.

  • Set-DnsServerForwarder: Modifies the list of DNS forwarders on the local DNS server.
  • -IPAddress: Specifies the IP addresses of the DNS servers to which unresolved queries should be forwarded. 
  • -UseRootHint $False: Disables the use of root hints if the forwarders fail to resolve a query. This means the server will not fall back to root DNS servers.
  • -PassThru: Returns the modified object so you can see the result/output in the PowerShell session.
 

 

 

network setup dns forwarding

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Understanding DNS
  • Configuring Block Pages
  • Adding a new Company under your organization
  • Products
    • Privileged Access Management
    • Password Management
  • Solutions
    • For MSPs
    • For IT Pros
    • By Industry
  • Resources
    • Weekly Demos
    • Events
    • Blog
    • FAQ
  • Company
    • Leadership
    • Culture + Values
    • Careers
    • Awards
    • News & Press
    • Trust Center
    • Distributors
  • Get Pricing
  • Free Trial
  • Request a Demo
  • Support
  • Login
  • Contact
4925 Independence Parkway
Suite 400
Tampa, FL 33634
CALL US (813) 578-8200
  • Link to Facebook
  • Link to Linkedin
  • Link to Twitter
  • Link to Youtube
© 2023 CYBERFOX LLC ALL RIGHTS RESERVED  |  Privacy Policy

Knowledge Base Software powered by Helpjuice

Expand