[markpenn2020]

I also had to revert to 2.7.7. Prior to reverting, this is what I had to do to get 2.7.7 to work, sometimes.

Within an Access Control Profile, change the DNS setting to Google public.
Uncheck Enforce Access Control, Block proxy, Block literal IP addresses, and Block VPN, TOR
Save
Verify internet connectivity and DNS settings at https://www.dnsleaktest.com/ or similar site.
Change DNS setting back to your preferred DNS provider and click save.
Verify internet connectivity and DNS settings at https://www.dnsleaktest.com/ or similar site.

Now, enable Enforce Access Control and discover I cannot connect to the internet. I can ping by name, so DNS in some way is working, but browser content is not working. Follow the steps above to allow internet connectivity again.

Something appears to have changed with what the Enforce Access Control checkbox does.

[markpenn2020]

I’ve been having the same problem. Both 2.4 and 5.0 work, but neither will shutoff like they used to. I think I’m on 2.5.9. I also noticed that if I setup an access control group to bypass the router level OpenDNS to use Google DNS (for my work VPN and VOIP device), it still uses OpenDNS.

[markpenn2020]

That appears to have worked. However, sites seem to load more slowly than before. Also, is this perhaps a feature you could add in future releases so that the blacklist entries are controlled by a checkbox such as “Block Apple Private Relay”?

[markpenn2020]

OK, I figured this out. See this article, which indicates that using private relay hides IP addresses, which is why pcWRT sees it as blocked, but OpenDNS doesn’t actually block it. Apple is monkeying with addresses in between. https://support.apple.com/en-us/102022 As soon as I disabled Private IP address for the pcWRT wireless network, it began to behave like normal. What that means is that Apple provided a really easy way to bypass pcWRT filtering, which is obviously a problem.

[markpenn2020]

Yes, I am aware of the logs, and I found something strange. If I blacklist a site specifically in pcWRT, then my iPhone cannot get there, as expected. If I remove the blacklist, my iPhone can get there as expected. If I go to internetbadguys or exampleadultsite on my iPhone, I see the site that says, “This is a demo…If it were a real site…” However, both of those entries show up in the pcWRT blocked logs as DNS. If, however, I go to welcome.opendns.com, then I see the red X saying I am not using OpenDNS. That is then logged as visited in my pcWRT logs. So it appears as if my iPhone is somehow bypassing the OpenDNS blocking even though pcWRT sees the traffic as blocked. Very odd.

[markpenn2020]

More tests show that pcWRT is successfully blocking another iPhone and an iPad. Also no logs in pcWRT for either of those iOS devices being blocked. So, it seems very specific to my iPhone somehow. It’s as if my iPhone has figured out a way to connect through pcWRT but not have any access controls applied.

[markpenn2020]

Correct. internetbadguys.com is blocked on Windows blocks it, but not on my iPhone. It’s also blocked as expected using an Android phone. I do not see logs for internetbadguys.com (or exampleadultsite) in pcWRT, nor do I see it blocked in OpenDNS logs. I am never quite sure which is blocking what, but I’ve never seen OpenDNS blocks in the pcWRT logs. Regardless, I see no logs for any of that being blocked or accessed.

[markpenn2020]

Apologies for the rapid-fire posts, but I did another test. I intentionally blocked cnn.com from pcWRT, and both my iPhone and my Windows PC were blocked as expected. I unblocked it and both could get to the site. That confirms that the iPhone is indeed going through the router and being affected by changes there.

[markpenn2020]

Also I forgot to mention that I turned cellular data off, so my iPhone is only connected to my pcWRT router. Plus, I did some other tests, and this is odd. I checked my DNS settings at https://www.dnsleaktest.com/ from both my iPhone and my Windows PC. They both said I was using OpenDNS servers. However, my iPhone is not being blocked the same way. The DNS settings on my iPhone for my pcWRT wifi is set to Automatic, which I assume is correct. I restarted my iPhoned and have the same results.

[markpenn2020]

Never mind. DHCP and static have the same results. Connect for short periods and then drop.

[markpenn2020]

Interesting. I had it DHCP for the longest time, but then changed it to static while I was doing other changes to the network. Those changes coincide with the issues I’ve had. I just changed it back to DHCP, and it has held connection for the past 5 minutes. I wonder why that would make a difference? The static IP I chose, I know for certain was not a duplicate on the network. I’ll run it this way for a while and observe. Thank you,

[markpenn2020]

If you can add black and white lists, enable safe search, etc without enforcing access control, then what does enabling Enforce Access Control actually do?

[markpenn2020]

Any updates on enabling safe search for everyone?

[markpenn2020]

Never mind. It was there starting me in the face. The minus button. I thought that was a collapse/expand toggle.

[markpenn2020]

I’m still digging into this. To simplify my approach, I would like to delete some of the profiles to get back to basics. However, I must be blind as I see no Delete Profile function/link/button.

[Author]

Posts