Global protect-DNS

Reply
Highlighted
L0 Member

Global protect-DNS

Good afternoon/morning/evening everyone, 

I have an interesting one:I have a group of offshore developers and I thought about setting up a few access routes, doing split tunneling, however the problem is that my DNS being pushed for the agent is my DNS, so they can reach my DNS records, but when they want to reach sub-domains or domains configured by their DNS, no dice. I've seen split DNS as a feature set, but when I tried to 'Exclude' domains it still queries my DNS. This is problematic as it causes them to hop on and off when trying to reach sites, for example, hub.google.com or timesheet.google.com, as I don't have hub or timesheet in my DNS records. Any thoughts? I thought the exclude routes 0.0.0.0/0 maybe? Would that push all traffic out their local adapter and cause them to query their local DNS? 

 

Thanks everyone!!

Highlighted
Cyber Elite

Re: Global protect-DNS

Hi @WilliamPhinney 

Do your developpers use windows? If yes then there is a setting kn the portal>app config which is set to "yes" by default. Try to change this to "no":

Screenshot_20191219-200052_Chrome.jpg

Highlighted
L0 Member

Re: Global protect-DNS

oh that would be great! But they're mac users.

Highlighted
Cyber Elite

Re: Global protect-DNS

@WilliamPhinney,

Unfortunately that's a Windows only feature at the time being.

It used to be that you could put a text file under /etc/resolver/ of the domain you wanted to resolve through different servers and specify the nameserver. I'm not sure if that still works or not, but might be worth a try until I get back to my laptop to see if it still functions. This apparently hasn't been a thing for a very long time, which tells you how long ago I actually needed to use it. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!