Hi there. After help pls, and as simple as poss as I'm a tech dummy! Git virgin 3.0 hub. Logged in. Changed passwords. All family devices a reconnected. Now kids change dns settings on iphone and iPads to 126.96.36.199, they don't even have to re enter a password and straight away they can bypass child safe. When they set it back, again they don't need to re enter password for wifi so they can switch back and to as and when they chose. Any suggestions at either device level or (preferably) router level that I can. Implement to preens them being able to change dns so that in effect they are forced down channel if being blocked??! Thank you!
There is an option on iPhones for restrictions but it doesn't prevent changes to wifi. And for a few reasons I was hoping just t be able to do it at router level to block them all in one go as they are always swapping and changing gadgets, plus friends gadgets etc. So thought router level would mean all done in one. Thanks for the reply.
I'd put a firewall in - you can block DNS traffic to any servers other than your designated DNS servers. And that's for starters.
But, I think it's much netter to give kids enough rope to hang themselves with, otherwise they never learn. The firewall should record every IP they visit and could even be configured to go further, capturing requests etc.
Setting up a firewall can be done for relatively little outlay. It's the knowledge you need that's the tricky part. It's not rocket science or brain surgery - how much spare time do you have to set this up? Better still, how old are the kids? It is something they could be involved in...
I'm going to leave this suggestion here for the Forum Team to pick up and put forwards as a suggested development:
You already have some form of internet security - could I suggest that when kids safe (or whatever it's called) is turned on, it blocks outbound access to DNS as well (done at network level upstream means end users don't need to become technical), with an option to turn just DNS blocking off or kids safe off completely (which would turn off DNS blocking as well).
As others have suggested, communication with your kids is a good start - what are they wanting to go on that is blocked, and discuss discuss why it may be blocked. As others have said it's quite difficult to block kids accessing through various other means, and logging IPs only gives part of the picture - you really would be looking at an appliance capable of HTTPS interception, web filtering based on content and url, Application layer filtering, Firewall, etc etc all of which take processing power, data storage, and a lot of administration.