DNS Proxy

Reply
Highlighted
L5 Sessionator

@zaidshaikh,

 

Whatever configuration that we are discussing is related to DNS traffic only. As per my understanding, this shouldn't affect your group policy updates from DC etc. For that your system should be part of domain that's it and there should be reachability between PCs and DC.

 

Mayur



Mayur
Highlighted
L2 Linker

I will check and let u know 

 Thanks mayur for ur insights.

Highlighted
L2 Linker

@zaidshaikh ,

 

I think, you are mixing two things, group  policy push and dns functionalities.

Highlighted
L2 Linker

@BK0007 

 

Yes. just now i tried the putting my PC with this new interface IP, am able to resolve dns names also my PC is effecting changes via domain and dns.

Thanks BK and Mayur for making me understand.

 

Now the problem is the same with DNS proxy(ie PAN) also, am not able to resolve any internal URLs (like 172.16.60.X:8888) to resolve i want to know how to add/or put ports insode the DNS proxy rules inside PAN.

 

Thanks Guy:)

Highlighted
L5 Sessionator

@zaidshaikh,

 

Have you added DNS proxy rules?

Under DNS proxy rules, you can add internal URLs  and under domain name section (without port) and internal DNS servers under Primary and Secondary tab. With this, PA firewall will forward mentioned domains to mentioned dns servers. Just make sure, there is reachability internal DNS servers IPs.

 

The other way is to add static entries. Under Static entries tab, enter FQDN and it's associated address.

 

Hope it helps!

 

Mayur



Mayur
Highlighted
L2 Linker

Yes i added both dns proxy rules and static entries.

 

But inside the static entry page also the address need to mention for a fqdn also is only taking ( 172.X.X.X) NOT (172.X.X.X:8888)

i wanna achieve the latter part of this.

 

 

Highlighted
L5 Sessionator

@zaidshaikh,

 

Why do you want to add port? It will only accept IP address not port.

 

Mayur



Mayur
Highlighted
L2 Linker

becoz there are servers internally which is running on different services.

otherwise all is working fine. but i cannot move forward if other teams are not able to access these servers for their activity.

 

 

Highlighted
L5 Sessionator

@zaidshaikh,

 

You can't add port in this settings, firewall will not allow to configure same.

 

Also your requirement should be fulfilled without adding port. If you are using DNS proxy rule, you just add DNS server IP against the internal URL. And under static entries, you just need to mention URL against its associated IP. For this, it is not required to configure service port, it should work properly.

 

Mayur



Mayur
Highlighted
L2 Linker

Yes you are right.

Becoz we understand is that the dns proxy is doing its job by resolving the URls to IPs configured in the DNS-Proxy.

About Port issue i believe it out of this topic..

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!