If you've installed the DNS Proxy machine, you need to create NAT rules on Mikrotik to automatically redirect all DNS requests (port 53 TCP and UDP) to DNS Proxy IP, except those that come from DNS Proxy itself.

Copy the following commands and replace <

> with the DNS Proxy IP.
Then paste it into your Mikrotik terminal:


/ip firewall nat
add action=dst-nat src-address!=<

> comment=internetprotection chain=dstnat dst-port=53 protocol=udp to-addresses=<

> to-ports=53
add action=dst-nat src-address!=<

> chain=dstnat dst-port=53 protocol=tcp to-addresses=<

> to-ports=53
/ip firewall nat move [/ip firewall nat find comment=internetprotection] 0

The operation of the general NAT rules for Mikrotik.


The general NAT rules for Mikrotik. How to manage them.

DNS Proxy Setup

Mikrotik for ISP: NAT rules to DNS Proxy

Why Netflix, Amazon Prime Video and Youtube don`t work on Smart TV?

FlashStart Docs

Al-based DNS filtering for
MSPs, ISPs & Companies

🛡️ Al-based DNS filtering for
MSPs, ISPs & Companies (cloned)

Demo License activation

First configuration of Cloud Filter

First Steps

Product licenses

Single Cloud Licenses

Cloud Bulk licensing

License management

Threat Protection

Content filtering

App Blocker

Search engines protection

IP Blocking

Geoblocking

Personal WhiteLists

Personal BlackLists

Protection Configuration

Windows connector setup

Preventing users from ignoring FlashStart's DNS filter

Granular Protection and Active Directory integration

ClientShield remote agent configuration

DoH and DoT Protocol Configuration

Remote End-Points

The extended search menu

Advanced: Multiprofile and Multipolitics

FlashStart's API for third-party integration (cloned)

Tool: Search in lists

Tool: Import from txt file

Tool: Change password

Tool: Advanced settings

Tool: Stop page

Tool: time zone change

Tool: statistics infrastructure

FlashStart's advanced configurations

Sales marketing tools

Pro & ProPlus (cloned)

Pure Cloud setup mode

Cloud and local DNS cache

ISP and WISP Setup Guide

Data Export

Import RPZ lists

📡 ISP Lite & Premium

Configure the Dynamic DNS using dyndns.org

Generic guide to enable FlashStart cloud filtering

How to block DNS resolution from outside in Mikrotik

How to run scripts on multi-WAN scenarios on Mikrotik

How to solve synchronization problems in Mikrotik

How to configure multiprofile on Mikrotik

Mikrotik OS configuration

Teldat configuration

Bind configuration

Ubiquiti-UniFi configuration

Grandstream configuration

PFSense configuration

Netgear configuration

IPCOP configuration

Linksys Router

Cisco configuration

TP-Link configuration

Fritz!Box configuration

Zyxel/Zywall configuration

Draytek configuration

Bright Box configuration

Ruijie Router

Pi-Hole's blacklist configuration

Router Guides/Integration📡

How can I synchronize my router?

Why can't I surf?

How do I unlock a website?

Why are filters not applied to the network?

Why can't I add a network?

Install the CA to avoid certificate errors

Why appears "Certificate Error" in some blocked websites?

Change your own account email

Change customer account email

How do I change the account email?

Mikrotik: How do I set up the multi-profile?

Can I create user-based filter policies?

Customization of the stop page

Is it possible to customize the filter block page?

Why can't I access the dashboard?

💬 FAQ

API Documentation for Developers

API Documentation for Developers (cloned)

Traffic Reports

Report

Protection

Networks

Devices

Countries

Profiles

Timezone

Panel

Get Domain Categories

Check domain

Blocklist

Customers

Licenses

Auth

Customerarea