Bypass account not working

Comments

7 comments

  • Avatar
    rotblitz

    So, did you configure the content filtering settings for your bypass account at https://netgear.opendns.com/ ?  E.g. level "none"?

    Post the complete plain text output of the following command here:

       nslookup -type=txt debug.opendns.com.

  • Avatar
    mwalker205

    I'm having the same issue. This was working fine before I upgraded my router's firmware but now it's as if I don't even have a bypass account.

    I ran the above command and got the following:

    1.1.168.192.in-addr.arpa
            primary name server = localhost
            responsible mail addr = nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Server:  UnKnown
    Address:  192.168.1.1

    Non-authoritative answer:
    debug.opendns.com       text =

            "server 1.lax"
    debug.opendns.com       text =

            "device 000067ECD245D995"
    debug.opendns.com       text =

            "flags 422 0 B2 1840000000000000000"
    debug.opendns.com       text =

            "originid 28679689"
    debug.opendns.com       text =

            "actype 1"
    debug.opendns.com       text =

            "bundle 28679689"
    debug.opendns.com       text =

            "source 70.190.80.2:32769"

  • Avatar
    rotblitz

    Ensure that you don't attempt to use Netgear LPC and OpenDNS Home in parallel.  These are not compatible.
    I.e. there should be no network configured at https://dashboard.opendns.com/settings/ with your IP address e.g. 70.190.80.2.  If there's a network, then delete it.  Your dashboard is only at https://netgear.opendns.com/

    You may also need to configure your router from anew with Genie to enable LPC.
    http://www.netgear.com/home/discover/apps/genie.aspx

  • Avatar
    mwalker205

    I did have networks for both. I deleted the OpenDNS one and it seems to work fine now.

    However, I am trying to blacklist a couple of domains to prevent the kids from getting on them but if I do this, I am unable to get on the domains as well. Can a bypass account bypass the blacklisted domains too? ... or does it only bypass the filtering levels (low, med, high)?

  • Avatar
    rotblitz

    "I am unable to get on the domains as well."

    Did you flush your caches before trying?  You should, else you may still be presented with content from your caches.

    "Can a bypass account bypass the blacklisted domains too? ... or does it only bypass the filtering levels (low, med, high)?"

    Unfortunately this is not clearly documented on http://kb.netgear.com/app/answers/detail/a_id/25687/ (from step 11).
    But it seems that the bypass is applied only to categories (= levels), not to individually blocked domains.

    You can work around this while adding entries into your local hosts file for the domains you have blocked but want to access, bypassing the LPC restrictions.  If you don't know how, let me know about examples of blacklisted domains, and I can provide suggestions.

  • Avatar
    mwalker205

    Thank you for your help.

    I'm not sure how to add entries into my local hosts file so any suggestions will be greatly appreciated.

    I want to block googlevideo.com and l.google.com

    These are domains that youtube apps (for tablets) access for youtube videos. Even though youtube.com is blocked through the browser, my kids are still able to access youtube videos through their app.

  • Avatar
    rotblitz

    "I want to block googlevideo.com and l.google.com"

    ...but you want to access it from your computer?  This is a bit tricky.  Unlike at OpenDNS, these domains do not mean itself and all their subdomains, but in the hosts file you must exactly specify them, the full subdomains.

    So you have to find out the full (sub)domain names from your domain stats: https://dashboard.opendns.com/stats/all/topdomains

    And then you look up the IP address(es) for each (sub)domain name, from a non-filtered network, for example if you want to block googleusercontent.com via LPC:

       nslookup -type=a oauth.googleusercontent.com.
       Server:  dns1.local.prv
       Address:  10.165.161.12

       Non-authoritative answer:
       Name:    googlehosted.l.googleusercontent.com
       Address:  216.58.209.225
       Aliases:  oauth.googleusercontent.com

    Then you add the following line to your hosts file:

       216.58.209.225  oauth.googleusercontent.com  googlehosted.l.googleusercontent.com

    "Even though youtube.com is blocked through the browser, my kids are still able to access youtube videos through their app."

    Then you may want to read https://support.opendns.com/entries/30128744-YouTube-app-not-being-blocked-on-iPads

Please sign in to leave a comment.