I am using DNS rewrite for a hosted service that we are connecting to. However, the global nature of this feature is causing me some problems now, as we are connecting a network we do not manage to our firewall, which causes routing to fail to the rewritten addresses.
One of the solutions I am considering is creating a new vsys on the firewall and using this for the rewrite. My reasoning for doing it this way is so that all other DNS traffic that does not go to this new vsys will not have its DNS entries rewritten.
However, I have a concern that moving the DNS rewrites to a separate vsys will not prevent DNS replies being rewritten in the old vsys (due to the fact the documentation says the DNS rewrite occurs at the global level). I understand that a separate vsys should, for all intents and purposes, run as a completely separate logical firewall, but I am just a little concerned that this may be a scenario where it doesn't.
Any help here would be greatly appreciated.