Roaming Client Failover
Chris
When the roaming agent fails to resolve DNS queries due to enterprise network conditions such as DNS Doctoring please provide an automatic remediation method after a specified time period to temporarily disable the DNSFilter Agent. Controlling this feature through the deployment command line would be sufficient.
Why: We have roaming clients that are unable to resolve DNS requests on specific enterprise networks and it's painful as the current fix is telling them to pack up their bag and leave or 4G hotspot since they don't have Administrative rights. We're working on a scheduled task script to monitor connectivity and the script will disable the Windows service, set DNS to DHCP, and flush the DNS. We have found these three steps to resolve the issue when it happens.
Command-line options:
AUTOREMEDIATION="enabled" allows the roaming agent to self heal connectivity issues caused by enterprise configurations such as DNS Doctoring. Automatic Remediation will temporarily disable the Windows service and static DNS configuration when a DNS request cannot be made to DNSFilter servers. When Automatic Remediation is running a connectivity check will be issued every 300 seconds on the client and if successful will re-enable the DNSFiltering Agent protection.
NETWORKTIMEOUT="300" allow you to specifiy a custom network timeout before DNSFilter will attempt automatic remediation. Default is 300 seconds.
Alyssa Leinweber
This is critical. We are struggling with issues with DNSFilter and we dont have an easy way to disable it without either a full uninstall or manually changing the daemon.conf file. There should be a bypass option within the console for Macs & Window machines that allows us to get our users back online while we troubleshoot
Chris
Original poster. Did you figure out a work around via the task scheduler that you would be willing to share?
Kahle
We would love to see some sort of failover option. The most recent issue with DNS resolution in Denver caused multiple clients to lose internet completely and we couldn't run any remote scripts to disable or bypass until the issue was resolved. The only resolution was to go through clients one by one and manually disable the service until the issue was resolved. Quick support helped get this fixed but as others have said, "failing back to a slightly-less-secure-but-still-working internet is far more important than locking down all network traffic no matter what."
Adam Rice
Absolutely need this option. As an MSP, for my clients, failing back to a slightly-less-secure-but-still-working internet is
far
more important than locking down all network traffic no matter what.Matt Ellsworth
I'm on board for our users. If DNSFilter servers are being blocked, some failover (and an alert HINT HINT) would be good with us. Then we can remote into the machines and troubleshoot. It's hard to remotely connect to a machine that doesn't have DNS service.
Mikey @DNSFilter
Merged in a post:
Backup DNS
J
Jeff Hampson
When I install the DNSfilter app, it controls my computers DNS. Which is fine. I would like for there to be a way for me to set a backup DNS on your app. Perhaps its not DNSfilter but some other public DNS.
Bruce
I see the need for this. We signed up with DNSFilter less then 6 months ago. Since we came on board DNS Filter has gone down twice putting a few hundred of our clients down. After the 2nd time this happen my Engineers started questioning why are we using a service that is generating more downtime for our clients then when we didn't have this offering. With clients now being more reliant on the internet and being in the cloud with their application their does need to be a better backup or redundant solution.
Mikey @DNSFilter
Bruce, thanks for the feedback. I know the downtime from the last month was painful and your service area was affected. I'm sure you've seen the update from our CEO. Trust that we are taking measures to prevent any outage because DNS is the core of all modern business.
Requests like this one, backup DNS IPs, are under review.
Patrick
When there is an issue or temporary disruption is service , it in effect brings down a client. Is there a mechanism to temporarily bypass, or more expedient way to contact support ? Today is the 2nd time in 2 or so weeks there has been an issue experienced
Joe
Would the purpose of the backup DNS be for _if_ DNS Filter services go down? Or you aren't able to reach due to firewall restrictions? Just trying to see what the use case would be for a feature like this to be implemented.
Christopher Sweeney
That would defeat the purpose of using it to filter your traffic.
Load More
→