thanks for the reply
device is employed at corporate office - using split tunnelling so local internet access and all other traffic via IPSEC tunnel to corp. network.
i have device (and client DHCP) set with primary DNS pointing to corporate DNS server and secondary pointing to external DSN server
given the above, can you provide detailed information re your solution and how i would implement?
Enable dns proxy on your pan.
set a dns forwarding for your corporate dns zones towards your corporate dns servers
set a forwarding rule for internet dns zones to your ISP dns servers.
configure your clients to do dns-resolving with the DNS-proxy IP on your PAN ( make a loopback interface for this )
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!