Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

DNS Fall Back is not working in GP 5.2.x Series

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

DNS Fall Back is not working in GP 5.2.x Series

L4 Transporter

Hi,

 

I am using GP-5.2.6 with split tunnel, When ever the tunnel configured DNS not resolving a hostname, The traffic is not falling back to local DNS server configured in physical adaptor. Actually this is not working in all 5.2.x series. 

 

But the same scenario working in GP-5.1.8(5.1.x). Palo Alto has introduce split-DNS feature from 5.2 series, Is it anything related with this issue. 

 

 

 

 

Snow
2 REPLIES 2

L6 Presenter

You can test it on test users as it could be related for domains that are added to not enter the split tunnel:

 

 

https://docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/globalprotect-portals/define...

 

 

https://docs.paloaltonetworks.com/globalprotect/5-2/globalprotect-app-new-features/new-features-rele...

 

Also see this option "Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only)" as it can also be related to your issue to test changing it for couple of test users that you made specific portal app config to be assigned based on AD user/group:

 

https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/globalprotect-portals/define...

 

 

if needed upgrade to the latest globalprotect version.

Hi Nikolay,

 

I already Did, "Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only)" without this option in GP 5.1.x the DNS fall back to local DNS, But in 5.2.x it is not. But I enable "Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only)". It is working fine. 

Snow
  • 2368 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!