I thought you were heading down the right path on your earlier post. However,
for most routers people can often override their DNS settings on their computer to get around that. We ended up blocking internal (but outbound) DNS requests to the router; it seems to have worked.