Netgear Gene and OpenDNS still lets my computers access porn sites with Parental control on

Comments

14 comments

  • Avatar
    rotblitz (Edited )

    There have been similar cases reported recently.  Did you install a new version of Genie or router firmware possibly?  If so, please refer to Netgear support directly.  Genie and the router's firmware are Netgear's, not OpenDNS'.

    You may also copy & paste the complete plain text output of the following diagnostic command here:

    nslookup -type=txt debug.opendns.com.

    This can give me some insights if something else is wrong, like your ISP hi-jacking your DNS traffic or other OpenDNS services interfering with LPC.  Especially, do not attempt to use any other OpenDNS service at the same time, because these are incompatible with LPC.  I.e. delete any network at https://dashboard.opendns.com/settings/
    Your LPC dashboard is only at https://netgear.opendns.com/

    Strictly follow these instructions:
    http://kb.netgear.com/app/answers/detail/a_id/25687/
    and do not do anything else beyond this!

  • Avatar
    va6dxopendns

    I'm using the original version of Netgear Gene and have done no firmware upgrades to the Router. But I IP has changed recently (although I seem to have had problems before the IP changed). Do I need to make a change somewhere in OpenDNS for a different IP? Not sure what else to try.

     

    Thanks much for any help.

     

  • Avatar
    rotblitz

    LPC does not work based on your IP address.  Best would be to show the output of the diagnostic command as of above.

  • Avatar
    va6dxopendns

    I put the following line in the URL address portion of my browser (Firefox) and all it came up with was a google search results, no diagnostic.. Maybe I didn't paste it to the right spot but you didn't indicate where it was supposed to be pasted to. Was that the right spot to paste it?

    nslookup -type=txt debug.opendns.com.
  • Avatar
    va6dxopendns

    Sorry, I didn't realize what kind of command that was. I'm a Mac user. Found a windows machine and ran the command. Here's the results:

    1.1.168.192.in-addr.arpa
            primary name server = localhost
            responsible mail addr = nobody.invalid
            serial  = 1
            refresh = 600 (10 mins)
            retry   = 1200 (20 mins)
            expire  = 604800 (7 days)
            default TTL = 10800 (3 hours)
    Server:  UnKnown
    Address:  192.168.1.1

    Non-authoritative answer:
    debug.opendns.com       text =

            "server 11.sea"
    debug.opendns.com       text =

            "device 0000919C53BEAED1"
    debug.opendns.com       text =

            "flags 422 0 70 5950800000000000000"
    debug.opendns.com       text =

            "originid 0"
    debug.opendns.com       text =

            "actype 0"
    debug.opendns.com       text =

            "source 173.209.121.35:32769"

     

    No idea what the above is so hope I didn't give away some keys for hacking....lol

    So what does the above mean?  Thanks again for your help.

  • Avatar
    rotblitz (Edited )

    The command is the same on OSX, Linux and Windows.

    This looks all good, and LPC should be in effect.  Your DNS queries are handled by OpenDNS data center in Seattle.  Still problems with blocking?

    What does http://welcome.opendns.com/ come back with?
    Also post the complete output of the following command:

    nslookup www.exampleadultsite.com.
  • Avatar
    va6dxopendns

    No it's still not blocking and not sure why. Did I need to reboot all machines for it to work? Here's the next output of the line from above:

    Server:        192.168.1.1
    Address:    192.168.1.1#53

    Non-authoritative answer:
    Name:    www.exampleadultsite.com
    Address: 67.215.92.210

  • Avatar
    rotblitz

    No, you do not need to reboot anything.  Initially flushing the caches after a settings change is sufficient.

    You do not have adult domains blocked with your settings.  Visit https://netgear.opendns.com/ to ensure that you have at least category Pornography blocked.  Also ensure that you do not use a bypass account where adult domains are not blocked.

    Also again, what message does http://welcome.opendns.com/ come back with?

  • Avatar
    va6dxopendns

    Turns out I had to "add a network". Earlier I thought that meant add to your existing network so that's why I didn't do that earlier. Before I was looking at 'moderate' filtering and noted it was checked but it must have been referring to my old IP or something. Not very user friendly. Anyway, its finally working now.

    Thanks

  • Avatar
    rotblitz (Edited )

    No, with Netgear LPC you must not "add a network".  This is only for the other OpenDNS service versions.  Delete it again!

    And again, your IP address is irrelevant with LPC.  LPC works based on device ID.

    And I'm user, not staff, so I don't have "your existing network".

    And because of "user friendly": this is because you're doing things you are not asked to do, like adding networks somewhere, rebooting devices and whatever useless stuff, and which confuse your configuration so that it does not work.  It's so easy, you just enable LPC and select the level or categories to be blocked, not more.

    Just read my first response again.  Everything is already said there!  Copying to here for convenience:

    Especially, do not attempt to use any other OpenDNS service at the same time, because these are incompatible with LPC.  I.e. delete any network at https://dashboard.opendns.com/settings/
    Your LPC dashboard is only at https://netgear.opendns.com/

    Strictly follow these instructions:
    http://kb.netgear.com/app/answers/detail/a_id/25687/
    and do not do anything else beyond this!

  • Avatar
    va6dxopendns

    OK, thought I'd had it all good but you say I don't. I was getting the "This domain is blocked" (by OpenDNS) page every time I tried to access inappropriate content so I assumed it was working properly. There's only one network listed under the "Your networks" heading on this page https://dashboard.opendns.com/settings/ and now you say I need to delete that one. It's the one that contained my current IP address. So I guess I'll delete it and start over  in setting it up.

    When I tried before to follow the directions on this page http://kb.netgear.com/app/answers/detail/a_id/25687/ it did not work but I think back then only a small portion of it actually loaded on my browser when would explain why that didn't work. But I see now there's lots more to that page so I can give it a try.

    Thanks again.

  • Avatar
    rotblitz (Edited )

    Again, OpenDNS Home and LPC are not compatible.  Therefore you must delete your network at https://dashboard.opendns.com/settings/
    Your LPC dashboard is only at https://netgear.opendns.com/

  • Avatar
    areeves

    I have followed this chat and I still have porn access.  I am unsure what I am doing wrong.

    Microsoft Windows [Version 10.0.14393]
    (c) 2016 Microsoft Corporation. All rights reserved.

    C:\Users\Andrew>nslookup -type=txt debug.opendns.com.
    Server: UnKnown
    Address: 192.168.1.1

    Non-authoritative answer:
    debug.opendns.com text =

    "server m11.sea"
    debug.opendns.com text =

    "device 0000087D1C79117C"
    debug.opendns.com text =

    "flags 422 0 8010 1940000780000000000"
    debug.opendns.com text =

    "originid 61742127"
    debug.opendns.com text =

    "actype 1"
    debug.opendns.com text =

    "bundle 61742127"
    debug.opendns.com text =

    "source 96.44.122.150:1025"

    C:\Users\Andrew>nslookup www.exampleadultsite.com.
    Server: UnKnown
    Address: 192.168.1.1

    Non-authoritative answer:
    Name: www.exampleadultsite.com
    Addresses: 146.112.61.106
    146.112.61.106


    C:\Users\Andrew>

    I have deleted the network from your link.

    I have been through the netgear genie to confirm the parental controls are set with it saying that parental controls are enabled and the opendns setting I have put on high.  I have no exception computers but I still have access to adult content.

     

  • Avatar
    rotblitz

    According to your output www.exampleadultsite.com is being blocked.  Did you flush your local resolver cache and your browser cache?  Are the domains you still can access categorized as what you have selected for blocking?

Please sign in to leave a comment.