0

Static IP from ISP

I am behind a CGNAT. Currently the ISP provided router does not let me edit DNS in the WAN page. Although it allows changing DNS on LAN/DHCP page.

So I am thinking of buying a static IP from my ISP as this would solve the port forwarding issues I have running plex, xbox, CCTV etc

But with static IP comes security issues. Although I have a TPLink Deco X60 which is connected to the ISP provided router I think there is still a security risk. 

So my question 

1 - Having a NextDNS solution help me with a good firewall or save my network in some way.

2 - As the ISP does not allow editing the WAN page, will NextDNS still work after I change the DNS to NextDNS provided DNS in LAN/DHCP.

The idea is that whoever connect to the TPLink Deco X60 router goes through NextDNS provided DNS.

 

(I was a very old NextDNS user - 2020 and then stopped using in 2023)

3 replies

null
    • R_P_M
    • 4 wk ago
    • Reported - view

    1) Possibly but only for outgoing connections, i.e. blocking malware domains. 
    2) Yes, it will still work and is the more preferred location to set DNS on the router. Don’t forget to link the IP or it won’t pick up your profile configuration. (CGNAT won’t link correctly so it definitely won’t work)

      • Prashant_Rana
      • 4 wk ago
      • Reported - view

        thanks. Yes thats why thinking of getting a Static IP for CGNAT

    • Freo
    • 2 wk ago
    • Reported - view

    I was in similar situation till i switched my router to OPNsense to configure reverse proxy etc.. Port forwarding is not secure so consider reverse proxy instead.

     You have probably few option with you existing router with doesnt support nextdnsCLi and reverse proxy..
          - on your device in the network run automated script lets say evrry 10 minutes to link your ip with nextdns (i did it with Powershell from my Windows device)

Login to reply

Content aside

  • 2 wk agoLast active
  • 3Replies
  • 70Views
  • 3 Following