about dns proxy

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

about dns proxy

L3 Networker

Hi,

when i enabled the dns proxy on the any firewall interface, what should be clients dns address?

regards

1 accepted solution

Accepted Solutions

Hi...When you enable DNS proxy, it is required that you define the default Primary DNS setting.  If you don't configure the primary DNS server, the system will not let you save the change.

Thanks.

View solution in original post

5 REPLIES 5

L6 Presenter

I think you're asking what DNS server(s) the client will use.  If so, the DNS proxy setting allows you to define the default primary & secondary DNS servers to hand out to the clients.  You can also configure static DNS entries.  The static DNS entries will be used to respond to clients' DNS requests when the domain matches.  Static DNS entries will take precedence over dynamic DNS.

Thanks.

Hi

thanks for answer, but i am asking just when enabled dns proxy on any interface, what could be clients dns ip address,,

for example i enabled dns proxy on the firewall interface (ip address called 192.168.1.1)

at this point clients dns ip address could be 192.168.1.1 or could be any dns server?

regards

Hi...When you enable DNS proxy, it is required that you define the default Primary DNS setting.  If you don't configure the primary DNS server, the system will not let you save the change.

Thanks.

Hi,

i understand how can configure dns proxy (on the pa interface called 192.168.1.1)

i just asking this question

clients ip setting

ip address: 192.168.1.5

mask: 255.255.255.0

default gw: 192.168.1.1

DNS server : 192.168.1.1 or any ip adress of dns server?

regards

Yes, the client can point to the interface IP 192.168.1.1 as the DNS server.  For all DNS queries that are directed to an interface IP address, the firewall supports the selective  directing of queries to different DNS servers based on full or partial  domain names.

If the domain name is not found in the DNS proxy cache, the domain name is searched for a match  based on configuration of the entries in the specific DNS proxy object  (on the interface on which the DNS query arrived) and forwarded to a  name server based on the match results. If no match is found, the  default name servers are used. Static entries and caching are also  supported.

Optionally in cases where your clients are already pointing to an existing DNS server like 4.2.2.2, you can use our DNS proxy to intercept DNS queries and control the DNS responses.  DNS proxy will match on the domain name and respond with the static DNS entry.

Thanks.

  • 1 accepted solution
  • 2992 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!