SSH to the USG and execute:

```
mca-ctrl -t dump-cfg
```

Then find the parts you want to change. In my case these are custom DNS entries (static IP mappings in the GUI are necessary) and a destination NAT for all DNS queries. Example:

```json
{
    "system": {
        "static-host-mapping": {
            "host-name": {
                "hostA.local": {
                    "alias": [
                        "hostA"
                    ],
                    "inet": [
                        "192.168.32.64"
                    ]
                },
                "hostB.local": {
                    "alias": [
                        "hostB"
                    ],
                    "inet": [
                        "192.168.32.66"
                    ]
                }
            }
        }
    },
    "service": {
        "nat": {
            "rule": {
                "76": {
                    "description": "DNS catch for vlan 76",
                    "destination": {
                        "port": "53"
                    },
                    "inbound-interface": "eth1.76",
                    "inside-address": {
                        "address": "192.168.32.1"
                    },
                    "log": "enable",
                    "protocol": "tcp_udp",
                    "type": "destination"
                }
            }
        }
    }
}
```

Place this file under /var/lib/unifi/data/sites/default/config.gateway.json on the controller and provision the USG via the GUI.
You can check success by issuing ```show nat translations``` on your USG. You will see a lot of entries from Google Home devices, as they ignore the DNS server provided by DHCP. The next step would be to use DNS over TLS. To be continued...
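A mistake in config.gateway.json is easiest to catch before the file is copied to the controller. The lint pass below is an added example, not part of the original note: the function name `lint_gateway_config`, the choice of checks and the embedded sample are assumptions of this example. It flags invalid JSON, a DNS name claimed by two static host entries, and a port 53 destination NAT rule that leaves one transport uncaught or lacks an interface or a valid inside address.

```python
import ipaddress
import json

# Constructed sample (not the page's file): hostB.local reuses hostA.local as an
# alias, and the DNS catch rule covers UDP only.
SAMPLE = json.dumps({
    "system": {"static-host-mapping": {"host-name": {
        "hostA.local": {"alias": ["hostA"], "inet": ["192.168.32.64"]},
        "hostB.local": {"alias": ["hostA.local"], "inet": ["192.168.32.66"]}}}},
    "service": {"nat": {"rule": {"76": {
        "destination": {"port": "53"}, "inbound-interface": "eth1.76",
        "inside-address": {"address": "192.168.32.1"},
        "protocol": "udp", "type": "destination"}}}},
})

def lint_gateway_config(text):
    """Return a list of problems found in a config.gateway.json document."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    problems = []
    hosts = cfg.get("system", {}).get("static-host-mapping", {}).get("host-name", {})
    owner = {}  # DNS name -> host entry that first claimed it
    for host, entry in hosts.items():
        for name in [host, *entry.get("alias", [])]:
            if owner.setdefault(name, host) != host:
                problems.append(f"{name!r} claimed by both {owner[name]!r} and {host!r}")
        for addr in entry.get("inet", []):
            try:
                ipaddress.ip_address(addr)
            except ValueError:
                problems.append(f"{host!r}: bad address {addr!r}")
    rules = cfg.get("service", {}).get("nat", {}).get("rule", {})
    for num, rule in rules.items():
        if rule.get("type") != "destination" or str(rule.get("destination", {}).get("port")) != "53":
            continue  # only port 53 destination NAT rules are checked here
        if rule.get("protocol") != "tcp_udp":
            problems.append(f"rule {num}: protocol is not tcp_udp, one DNS transport is not caught")
        if not rule.get("inbound-interface"):
            problems.append(f"rule {num}: no inbound-interface")
        try:
            ipaddress.ip_address(rule.get("inside-address", {}).get("address", ""))
        except ValueError:
            problems.append(f"rule {num}: inside-address is missing or not an IP")
    return problems

if __name__ == "__main__":
    print("\n".join(lint_gateway_config(SAMPLE)))
```

An empty result means none of these checks fired; it does not prove the USG will accept the file.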

custom config in unifi security gateway