Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

DNS Proxy

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

DNS Proxy

L2 Linker

guys,

i wanna achieve dns proxy wherein my requirement is as follows:

1. i wanna use my internet browsing PCs to use palo alto defined DNS which will use our ADSL 100mbps connection for browsing.

2. secondly, my other critical PCs will use DNS from existing AD and use Lease Line internet for server access and mission critical tasks.

i feel i can achieve this via dns proxy feature in PAN , but little confused how to go abt it.

appreciate help

22 REPLIES 22

Yes i added both dns proxy rules and static entries.

 

But inside the static entry page also the address need to mention for a fqdn also is only taking ( 172.X.X.X) NOT (172.X.X.X:8888)

i wanna achieve the latter part of this.

 

 

@zaidshaikh,

 

Why do you want to add port? It will only accept IP address not port.

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

becoz there are servers internally which is running on different services.

otherwise all is working fine. but i cannot move forward if other teams are not able to access these servers for their activity.

 

 

@zaidshaikh,

 

You can't add port in this settings, firewall will not allow to configure same.

 

Also your requirement should be fulfilled without adding port. If you are using DNS proxy rule, you just add DNS server IP against the internal URL. And under static entries, you just need to mention URL against its associated IP. For this, it is not required to configure service port, it should work properly.

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

Yes you are right.

Becoz we understand is that the dns proxy is doing its job by resolving the URls to IPs configured in the DNS-Proxy.

About Port issue i believe it out of this topic..

@ Mayur,

 

The issue is resolved, the Ip with port is now accessible as we wanted to achieve.

What we found is that on the PAN policy the application tab was set as "application-default", as soon as we made it "Any", it worked with different ports as well.

So the Issue is RESOLVED 🙂 

 

Thanks for your help you made me stick to the topic 😛

 

@zaidshaikh

 

That's great! Can you please mark this question as solved please?

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

DONE MATE 😛

  • 10883 Views
  • 22 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!