DNS & VPN as parental controls

DNS and VPN: what's the difference?

Last Updated on October 16, 2023

Most of us are not technical and we get frustrated and confused with all the IT abbreviations. What is the difference between VPN and DNS, since both seem to be used to make – or break – parental controls? Here is a simplified guide.



What it is

DNS (Domain Name System)

VPN (Virtual Private Network)

What it does

DNS translates domain names to IP addresses which Internet runs on – it’s an address book for the Internet. DNS is the naming of the network.

VPN is an encryption service for internet traffic, hiding your IP address from outsiders. VPN is the encription of the network.

What it means for parents

Protects innocence. 

  • DNS can help protect my family from incoming digital garbage.

Protects privacy. Compromises innocence.

  • VPN can help protect my family’s privacy from the prying eyes of big data.
  • Kids can use it to circumvent my parental controls.

How it is used

Family-friendly DNS servers won’t map inappropriate DNS names, breaking the connection to disreputable web pages. You need to change the default settings on your router to take advantage of this.

All traffic between the user device and the Internet is routed through a VPN server, which fools websites to see the VPN server as the source of traffic, protecting the privacy of the user.


  • You can set it up yourself for FREE on your router
  • Blocks adult content automatically on every device in your network
  • Likely to increase your Internet connection speed
  • Blocks phishing sites
  • Encrypts communication
  • Protects privacy
  • Enables access to geolocked (country-specific) content because websites think you are browsing from some other location.


  • None to prevent you from setting it up as the first layer of (free) parental controls security
  • May filter out bad websites but not bad content from apps
  • Can be bypassed by tech-savvy kids, so it needs to be supplemented with other layers of parental controls
  • Can be used for circumventing parental controls. If a VPN app is installed on your teen’s phone, it might be a red flag.
  • Can be used for sinister purposes: private browsing of restricted content, Illegal downloads or anything digitally criminal
  • Might contain malware and ads
  • Many content providers (like Netflix) actively try to block VPNs to protect their content from unauthorized use
  • Instead of ISP (Internet Service Provider) tracking you, now it’s the VPN provider 

Where to find it

Although VPN technology is built into some parental controls services like Mobicip or Covenant Eyes, by themselves VPN apps are most often used by teens to bypass parental controls – including clean DNS filters. Free and paid VPN apps are ubiquitous.  

Can DNS and VPN work together?

Network settings of the VPN connection need to be configured to allow OpenDNS, but not on the router level for the entire network, but on the device that uses VPN.

Depends on the DNS configuration of each particular VPN service. The default settings are designed to bypass clean DNS filters, not to work together with them. 

Take Back Control
Sign up for our monthly newsletter to receive latest digital wellbeing research and screen time management solutions. We never share your email with third parties.

Here is how to set up OpenDNS on your family WiFi network and filter inappropriate content – for FREE:

  • Login into your WiFi router by either opening the router’s browser-based utility of your ISP (Internet Service Provider, such as https://myfiosgateway.com) or typing router IP address into a Web browser. A default IP address of the router can be found under Network connection details listed as “IPv4 Default Gateway” and would look like this: Type it into your web browser, and login with administrator username and password – typically listed by your ISP  on the router itself. It’s a good idea to change the password as default passwords are easily found online.
  • In the router settings, access DNS settings: OpenDNS device configuration by router can be found here. The default will be that the WiFi router gets DNS settings from its NAT (Network Address Translation) server.
  • Manually set the Primary and Secondary DNS IP addresses to the OpenDNS IP addresses for Family Shield: and
  • Save this configuration into your WiFi router.

Result: No device using your WiFi network will be able to access inappropriate web pages.