Is this possible

.Kencs

.Kencs

.Kencs

Soldato
Joined
14 Oct 2007
Posts
2,738
Virgin Media modem connection to my Netgear router:

My PC = Ethernet to Port 1 in router
Brother-in-laws PC = Ethernet to Port 2 in router

I am using OpenDNS (Thanks to those who recommended it)

It asks for IP addresses when you go to settings...

Now mine says 192.168.1.2
Bother-in-laws says 192.168.1.4

in OpenDNS:

Add a network
IP Address xxx.xxx.x.x

My IP address had to be what I found on What is My IP . com because when I type in 192.168.1.2 and get You cannot add a network in private IP space.

How do I set up settings for 192.168.1.4 if I don't know his IP Address???

Im getting confused :confused:
 
AFAIK you can only set up OpenDNS for the entire network (i.e. based on your public IP), and that's it. I ended up using OpenDNS for the kids, with OpenDNS listed as the default DNS service in the router so their DHCP connected PCs would pick it up. I set my own PC's DNS manually in the config as 4.2.2.3 so I basically bypassed OpenDNS and its filtering settings.

That way the kids were a bit safer from online nasties, but I could still browse teh pornz unimpeded. ;) That's about the only solution I could come up with, if that's any use to you. You could always set up local DNS (BIND or TreeWalk for example), with custom rules for different local IPs, but that's a bit more involved.
 
Rainmaker said:
I set my own PC's DNS manually in the config as 4.2.2.3 so I basically bypassed OpenDNS and its filtering settings.
Click to expand...


Can you help me in guiding me around my settings to set that up?

So basically, if he is connected directly to my router, when I go to whatismyip and gives me an 86. IP address, his will be EXACTLY the same?
 
.Kencs said:
Can you help me in guiding me around my settings to set that up?

So basically, if he is connected directly to my router, when I go to whatismyip and gives me an 86. IP address, his will be EXACTLY the same?
Click to expand...

No, that would mean briding the WAN (internet-facing) IP to your brother in-law's machine and thus denying you any access at all. You'll keep the router and you'll keep your separate LAN IP addresses (192.168.0.2 etc). In your router's setup page, set the DNS servers to be OpenDNS. That way whenever your brother in-law connects to the net, via your router, he'll be using OpenDNS, and thus any filtering/settings you've set on the OpenDNS dashboard.

On your own computer, open the network adapter properties and manually enter DNS servers in the boxes provided. Make sure they're NOT OpenDNS. That way you'll basically circumvent the OpenDNS settings on the router, and thus not be subject to any restrictions/policies you've applied to the OpenDNS account.

I hope that makes sense for you. :)
 
I've been thinking about my reply above and trying to find a way to simplify it. It sounds like you're having trouble grasping how OpenDNS can apply to the private network when you're setting it for the PUBLIC (86.xx.xx.xx) IP. The best/quickest way I can think to explain that is as follows:

OpenDNS works on your ENTIRE network. That could be 1 PC directly connected to the internet, or it could be a router with a 100 PCs behind it (all of which would then need private IPs like 192.xxx.x.x etc). OpenDNS doesn't discriminate between them; it simply works for ALL computers on the network attached to your internet connection (which itself has an IP starting 86.x).

With that in mind, you can't tell it to have different settings for different LAN IPs (192.x) because it can't do that. It can only apply those settings to ALL PCs connecting from your ISP connection. That's why you need to set a separate DNS server for your (non-limited) PC, to bypass OpenDNS entirely. Anyone else will be forced to conect via OpenDNS (unless they know how to circumvent it) and thus are subject to your policies. I hope that helps a little, but probably not. :p
 
.Kencs said:
Great...completely lost now lol...wudnt know where to start with manually setting my own DNS :(
Click to expand...

It's really a lot easier than it sounds, I'm just better at understanding this stuff than explaining it in lay terms. LOL Setting your DNS manually is easy peasy, and takes less than 30 seconds. If you're on Vista or 7 then you can follow the guide here. If you're on XP (or even OS X or Linux) then Google is your friend, but it's easy either way.

Manually set the DNS on YOUR machine to server 1: 4.2.2.1 and server 2: 8.8.8.8 (for example). Then set your router to use OpenDNS by following their step by step guide here. Basically manually setting DNS (or IP) on the PC itself over-rides the settings in the router. So, YOUR PC will use a "normal" DNS and won't be subject to the OpenDNS restrictions. Your brother-in-law's PC will connect via OpenDNS (because his PC is set to automatically get DNS info from the router and hasn't been manually configured) and thus he WILL be restricted.

I hope this is of more use to you. It really is quite easy; just follow the guides. :) BTW, I'm really curious as to why you'd need to limit your brother-in-law's PC and not your own. Is he under 18 or something? :D
 
Rainmaker said:
It's really a lot easier than it sounds, I'm just better at understanding this stuff than explaining it in lay terms. LOL Setting your DNS manually is easy peasy, and takes less than 30 seconds. If you're on Vista or 7 then you can follow the guide here. If you're on XP (or even OS X or Linux) then Google is your friend, but it's easy either way.

Manually set the DNS on YOUR machine to server 1: 4.2.2.1 and server 2: 8.8.8.8 (for example). Then set your router to use OpenDNS by following their step by step guide here. Basically manually setting DNS (or IP) on the PC itself over-rides the settings in the router. So, YOUR PC will use a "normal" DNS and won't be subject to the OpenDNS restrictions. Your brother-in-law's PC will connect via OpenDNS (because his PC is set to automatically get DNS info from the router and hasn't been manually configured) and thus he WILL be restricted.

I hope this is of more use to you. It really is quite easy; just follow the guides. :) BTW, I'm really curious as to why you'd need to limit your brother-in-law's PC and not your own. Is he under 18 or something? :D
Click to expand...

Nah he is 21 BUT downloads a lot of movies and with a 50mb connection he will fly trough his downloads an if he gets caught, it's me in trouble, plus he doesn't offer to pay towards the Internet so it's my Internet anyway lol...
 
No, it needs to be the IP address of a DNS server. 8.8.8.8 is google DNS, ive never heard of 4.2.2.1 though. I'd set them to 8.8.8.8 and 8.8.4.4 (google two DNS servers)
 
.Kencs said:
Nah he is 21 BUT downloads a lot of movies and with a 50mb connection he will fly trough his downloads an if he gets caught, it's me in trouble, plus he doesn't offer to pay towards the Internet so it's my Internet anyway lol...
Click to expand...

Ah, now we're getting somewhere! I should have asked earlier tbh, though explaining this in your OP would have helped too. ;) I'm not sure how effective OpenDNS will be in preventing him running torrents, if at all. You're much better off with a local system to prevent it being feasible, though if he has his own PC you're a bit more limited in your options.

OpenDNS would stop him being able to access indexes and trackers, perhaps, but there are plenty of ways around that and someone capable of torrenting isn't likely to be a n00b. It'd be pretty hard to block someone from using bittorrent when they have access to their own non-restricted machine tbh.

Perhaps set up QoS on the router, giving priority to yourself for all traffic, torrent type traffic limited to 0.1 kbps) and perhaps he'll give up in frustration? :p You'd need to set a static LAN IP for yourself to do that though, but it is very easy (Google will show you how, just google 'set static IP [your router model]').

You could theoretically lock down the router firewall to only allow http traffic over port 80 but that'd just end up causing you more headache than it solved. Just ensure, whatever you decide, that you set a good password on you router's configuration pages and don't tell your brother-in-law what it is!

Also definitely talk to him and explain your feelings on the matter. He's 21, so old enough to respect your word on the matter since it's your connection, and you are paying the bills. Maybe someone else has a better suggestion?
 
Ryan111 said:
No, it needs to be the IP address of a DNS server. 8.8.8.8 is google DNS, ive never heard of 4.2.2.1 though. I'd set them to 8.8.8.8 and 8.8.4.4 (google two DNS servers)
Click to expand...

4.2.2.1 through 4.2.2.5 are Level 3 DNS servers and very reliable. I prefer to use them as my primary as they're fast and independent, whereas Google logs your usage and browsing habits (naturally). :p Google is simply there as my second choice as a backup server, independent of Level 3, in case they go down for some reason. I chose Google because, logging aside, they at least don't hijack NX.
 
Rainmaker said:
Perhaps set up QoS on the router, giving priority to yourself for all traffic, torrent type traffic limited to 0.1 kbps) and perhaps he'll give up in frustration?
Click to expand...

THIS is the option I wanted to go down originally but I had no help lol...

I have the following:

Turn Bandwidth Control On = TICKED

Uplink bandwidth Maximum = Mbps

Automatically check Internet Uplink bandwidth

If I enable this won't it effect my connection ASWELL? and what do I put in the Uplink Badwidth?

I also have QoS Priority Rule list and I can add things to the list...advice? lol
 
.Kencs said:
Anyone able to advise on my last question?
Click to expand...

I'm out of my depth now mate, sorry. It depends on your router and firmware tbh. If you can set the limits per OS or MAC address, then it won't affect your PC at all. If it's a global rule, then yes it'd definitely affect you too which would render it useless as a solution. Hopefully someone more knowledgeable will be along to help you soon. :)
 
Just to let u know mate, iv sorted it...assigned a 192.168.1.x number using MAC addresses so mine will always have .2, iPhone .3, wifes phone .4 and when brother-in-law is online I can assign him .5 then when any of the sites iv blocked come up in the log I can see which device tried to access it. Found a Block List and added a lot to my block sites list an works well :)

Thanks for all ya help... :)
 
You must log in or register to reply here.
Back
Top Bottom