Im actually offering filtered Internet access for my customers using specific DNS.
I need to create a rule that will block any DNS requests that doens’t match with the IPs of my DNS servers.
The “DNS override” allows the acces point to intercept the Wi-Fi user terminal DNS request, and force it to go to another DNS than the one requested by the client.
Meraki have already implemented it with the NAT mode SSID;
“When an SSID is configured in “NAT mode”, wireless clients will point to the access point (AP) as their DNS server. The AP then acts as a DNS proxy, and will forward clients’ DNS queries to its configured DNS server.”
This is typically used to forward NAT mode SSID clients to a DNS server with custom content filtering.