How to Prevent Client Manually Change DNS

How to prevent a client from changing manual control eg 8.8.8.8? This question is in the previous article that is: Easy Way to Block Adult Sites with DNS in Mikrotik. Well in this article I will try to answer it and provide a solution to prevent clients to change DNS manually using Mikrotik.

Actually, it is more appropriate if we call “Forced” Client using Mikrotik DNS. Because anyone can just change the DNS settings on their PC respectively. Well, the thing we will do is to force the client to use our DNS even though the DNS on his PC has been changed eg to 8.8.8.8. How to do? Check out the following tutorial:

Tutorial How to Prevent Client Manually Change DNS:
1. Login to Mikrotik via Winbox

2. Go to IP menu -> Firewall -> NAT -> Add ->

 Firewall -> NAT

– On the General tab:
==> Chain: dstnat
==> Protocol: 17 (udp)
==> Etc. Port: 53

 

– On the Action tab:
==> Action: Redirect
==> To Ports: 53

 

3. Try checking your PC, change DNS to manual eg 8.8.8.8 and access site that should be blocked.
4. If still can, try to flush the first DNS cache in Mikrotik and its PC