Using Firewalla as DNS Only

Follow

Nick Betts

• November 06, 2025 16:49

I have a network and firewall that I am happy with and have a Purple SE that I've been using in Bridge mode. I'd like to know if it is possible to setup the Firewalla to act as DNS server but not in an inline or router mode. My goal would be to have Firewalla hanging off of a switch and have my clients pointed to it for DNS and also have the ability to get alerts that are currently available if a DNS lookup matches an alert type. I know you will probably all say just use it in bridge mode but I'm getting gigabit fiber internet installed and I believe the Purple SE is only rated for 500Mbps. I love the ability to have the traffic logging and alerting but don't want it inline and affecting my speed. Thoughts?

0

• 

  Firewalla

  • November 06, 2025 18:17

  Firewalla is a "firewall", so it is best deployed to be inline with your network traffic. (And firewalla does a lot more than DNS filtering as well, you can learn more here https://help.firewalla.com/hc/en-us/articles/360049856394-How-to-Secure-Your-Network-with-Firewalla-Part-3-Protect

  (And of course there are a lot of visibility + control features you can also use)

  If you just need a DNS server, you can google pi-hole, it is free and it is a DNS server

  0

  Comment actions Permalink
• 

  Doyle Jack

  • November 07, 2025 13:48

  100%. Use Pi-Hole. It would be insane to purchase a Firewalla firewall and only use it for DNS.

  0

  Comment actions Permalink
• 

  Nick Betts

  • November 07, 2025 14:03

  I already have the Firewalla. I was using it as my firewall previously but now have Ubiquiti gear and the Firewalla Purple SE that I have won't handle the gigabit Internet. Was hoping to continue to use it but not have it inline.

  0

  Comment actions Permalink
• 

  Doyle Jack

  • November 07, 2025 18:16

  Unifi has ad-blocking, too, now. My Unifi Dream Machine had it before I switched to Firewalla.

  That said, if you want something better than what the Unifi offers, I'd stand up a Pi-Hole. It's great, and has a lot more flexibility than Firewalla.

  I use Firewalla now, but I sometimes miss my Pi-Hole. Firewalla doesn't block ads nearly as well.

  0

  Comment actions Permalink
• 

  Rom

  • November 26, 2025 23:31

  Did you ditch the Dream Machine?

  If not, how does your network setup like now? I have a Purple currently connected to an Asus AP and I just bought the Dream Router 7, to replace the Asus. Looking for the optimum network setup. :)

  0

  Comment actions Permalink
• 

  Nick Betts

  • November 27, 2025 00:44

  I'm running a Ubiquiti Cloud Gateway, POE switch, three APs and a couple of small switches. Right now I have the Firewalla Purple SE inline between the POE switch and the UCG in bridge mode. Like I stated, my issue is that the Purple SE limits my throughput and is only capable of 500Mbps. I really like the reporting and alerts on the Firewalla app and was hoping to keep those but use it in a pi-hole kind of way as a DNS server. Doesn't sound like this is doable though. I love the Ubiquiti gear and management interface but also love the features of Firewalla. I might have to bite the bullet and upgrade the Firewalla and try to eBay my current one.

  0

  Comment actions Permalink
• 

  Firewalla

  • November 27, 2025 01:16

  Firewalla does a lot more than a simple DNS server; since it does more work in the data plane, you will need a faster unit (even in bridge mode) to have traffic rate up. 

   

  0

  Comment actions Permalink

Please sign in to leave a comment.