Tech Lockdown Tech Lockdown
Free Trial

How to Enforce DNS settings on Windows

Connect your device without using an App.

techlockdown logo
Tech Lockdown Team
|
Updated August 2, 2024

There are some cases where it isn't possible to install the VPN app on a Windows device. Instead of installing the client, you have the option to connect your device to the filter manually.

You can also set your device's DNS in addition to installing the client, that way there's a backup filter in case the VPN is disabled.

You can change DNS settings on your windows device to still maintain a connection to your filter if the client is disabled. There are two important drawbacks to consider when using this method:

  1. Configuring DNS settings can get confusing. There are a couple different ways that you can connect (IPv4, IPv6, DoH, DoT), and it can get confusing as to which one you should use.
  2. Without the WARP client enabled, your DNS Content Policy won't be able to differentiate your windows machine by email address. Any rules that you've set to apply to a specific user on that device won't apply on that device until the WARP client is re-enabled.

Which DNS Addresses Should I Use on My Computer?

There are four different addresses that you'll be able to use:

  1. DNS over IPv4
  2. DNS over IPv6
  3. DNS over HTTPS (DoH)
  4. DNS over TLS (DoT)

If you're connected a Windows device, you generally want to use the IPv4 and IPv6 addresses. DNS over HTTPS is also an option on Windows 11.

In addition to connected the device, you might also try to connect a web browser to your Content Policy using DNS over HTTPS (or DoH).

Change DNS Settings on Windows 11

To point your Windows machine's DNS to your Content Policy:

Preferred DNS:

172.64.36.1

Alternate DNS:

172.64.36.2

You can also enter your DoH (DNS over HTTPS) address. This uses a more secure protocol 

Change DNS Settings on Windows 10

Windows 10 is slightly different than Windows 11.

First, open the Start Menu and open Settings

172.64.36.1
172.64.36.2

Lock DNS Settings

If you want to prevent yourself from changing DNS settings later, we recommend locking Windows settings

guide

How to Lock Settings on Windows

Learn how to lock your Windows computer's connection to your Content Policy

Read More

Configure Your Browser to Use Encrypted DNS

Another step you can take is to change your browser's DNS to use your Content Policy.

The information you'll want to have ready first is your DoH or DoT address listed on the Tech Lockdown dashboard. This can be found under Connect Devices > Config.

Note
Your DoH and DoT addresses will unique to your account.

Next, you'll need to navigate to the section for Secure DNS on your browser.

Google Chrome

  1. Open Chrome
  2. Select More in the top right corner
  3. Select Settings
  4. Select Privacy and security on the left
  5. Select Security
  6. Under Advanced, turn Use Secure DNS on
  7. Choose "Add custom DNS service provider"
  8. Copy/paste the DoH or DoT address listed on your Tech Lockdown dashboard into the Secure DNS address field

Microsoft Edge

  1. Select the three-dot menu in the top right corner of Edge
  2. Select Settings
  3. Select Privacy, search, and services
  4. Scroll down to Security
  5. Toggle on Use secure DNS to specify how to lookup the network address for websites
  6. Select Choose a service provider
  7. Enter the DoH address listed on your Tech Lockdown dashboard
Windows
Open chat