I am checking out DNS proxy as a possible use case. We have a requirement to log DNS requests that include the true source info. We have a few environments with wireless clients that will not otherwise have our normal agents or tools installed in order to get DNS info. If it goes through the firewall for DNS proxy, where are the logs tied to the true source machine that sent the request? If the firewall responds with local cache, is that logged? If it forwards the request to an internal DNS server, is that logged so we can see the actual source? I assume the downstream DNS server will simply see the management IP of the firewall as the source from its perspective. I have checked the documentation, but haven't seen in-depth diagrams or descriptions to understand the full flow.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!