Table of Contents
Roaming Devices in CyberFOX DNS
Setting up your device as a roaming device is designed to manage DNS requests for devices moving between networks, such as laptops and mobile phones. It uses DNS over HTTPS (DoH) to ensure secure DNS queries regardless of the device's location.
By configuring the roaming device, Companies can maintain consistent DNS filtering and security policies for their clients' devices, even when they are not connected to the primary network. This is particularly useful for ensuring that mobile and remote workers are protected from malicious sites and have controlled internet access, providing a seamless and secure browsing experience across various environments.
DNS over HTTPS
Suppose a client has a roaming device configured (using DNS over HTTPS), and also works in an office that is configured as a location for CyberFOX DNS Filtering services. In that case, the policy created for the roaming device will be used instead of the location's policy, because a roaming device uses DNS over HTTPS, bypassing traditional DNS requests.
Creating a Roaming Device Profile First
Just like with a location, you need to start by creating a profile for the Roaming Profile you are going to configure.
- Log in to the DNS Portal, navigate to the Companies Section, then under the actions icons, click on the ‘Roaming Devices’ to open the Roaming Devices screen. Now, click on ‘Create +’ to create a Roaming Profile.
- On the Create Device screen, complete the profile by filling in all the settings.
- Add a Name (required)
- Leave Lockdown Mode (optional) inactive. Use this when you need to block DNS resolution for devices under this profile.
- Set your Fallback Security Level (required). This setting is used in case the DNS over HTTPS filtering encounters any issues.
- High Security has no backup for filtering.
- Medium Security features alternative DNS filtering, blocking the most common harmful sites.
- Set your Policies that you created and add them. (required)
- Select the block page template you want to use (required)
- Click on Save

Getting the Roaming Device configuration (DNS over HTTPS)
- From the Roaming Devices screen, for the new device you just created, under the actions, click on ‘Configure Device’

- The Roaming Device DNS Configuration screen displays the unique DNS URL for the specific roaming device you have just configured. It also contains instructions for various device platforms you can configure to use this DNS URL. You can click the Copy URL (1) button to copy the unique URL, or click Copy public configuration URL (2) to share the entire configuration and send it to the person who will set this up on their device.

Other Actions for Roaming Devices
See Registered Devices using this Roaming Profile
Allows you to view the devices using this roaming configuration.

Edit the Roaming Device profile.
You can adjust the Name, Fallback Security Level, Policies, and Block Page, as well as turn on/off Lockdown mode.

Configure & Manage Domain Overrides
A domain override is a unique configuration for this Roaming Device that allows you to “override” what the standard policy is for this device. It will enable you to add an override to allow a blocked site, proxy a site, or redirect to a specific IP address for internal sites.

Create or Edit an Upstream DNS Resolver
Use this to add a specific Upstream DNS resolver for this configuration.

Delete the Roaming Device profile.
Delete the profile if it is no longer in use. Warning: Devices still using the Unique DNS URL will stop working.
