Return to FAQ List
FAQ 37: Use when clients are behind a NAT deviceCategory: Initial setup
For all features to be supported the DNS Redirector server cannot be separated from clients by a NAT device.
This is because all clients behind a NAT device are only seen as one IP (the outside/WAN interface).
When used for Internet filtering only (BlockedIP= setting, as in corporate environments)...
Blocked/allowed functionality will work regardless of network placement. However, options such as BypassBlockFile=
should not be used. Realize if you configure the option to bypass the block, doing so would apply to the entire network behind the NAT device
(because DNS Redirector sees any client inside that network as all coming from one IP address)
When used for Captive portal (RedirectIP= setting, as in HotSpot environments)...
The machine running DNS Redirector and all network clients cannot be separated by a NAT device. Multiple subnets are acceptable. It is necessary that DNS Redirector track clients joining and leaving the network, each by their unique IP address.
When implemented with a catch-all * record (such as during a network emergency, closed network, or a network without access to the Internet) this function will will work regardless of network placement.
See Network Examples
FAQ 142 Valid DNS resolution paths