Juniper/Netscreen Firewalls: What is Proxy DNS?

The DNS proxy feature on Juniper firewalls lets clients "split" their queries: meinezone1.de should be directed to the name server ns1.domain.de, and meinezone2.de to the name server ns2.domain.de. To do this, the firewall is entered on the clients as the "DNS proxy".

The DNS proxy feature provides a transparent mechanism that allows clients to make split DNS queries. The proxy redirects the DNS queries selectively to specific DNS servers, according to partial or complete domain specifications. This is useful when VPN tunnels or PPPoE virtual links provide multiple network connectivity, and it is necessary to direct some DNS queries to one network, and other queries to another network.

Initialize Proxy DNS Server: Initiates or deletes the DDNS module. Initiating the module allocates all resources …


DNS Proxy on Netscreen / Juniper Routers (e.g. NS5)

See also http://www.krakovic.de/juniper-proxy-dns/

On what interface should Proxy DNS be set?

Problem or Goal: The Juniper firewall is not using the DNS servers configured in the Proxy DNS configuration.

Solution: Ensure the Proxy DNS option is selected on the ScreenOS Interface configuration web page (Network > Interfaces) for all interfaces that receive DNS queries which need to be forwarded to the appropriate DNS servers as configured on the DNS Proxy Configuration web page (Network > DNS > Proxy).

Example:

    Client (192.168.1.5) --- 192.168.1.1 (Trust) Netscreen (Untrust) 1.1.1.1 --- Internet

In the sample network, the firewall should have the following command:

    set interface trust proxy dns
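The selective forwarding described in the first post can be modelled as a domain-suffix lookup. The following Python sketch is an added example, not code from the post or from ScreenOS; the matching rules (label-boundary match, most specific rule wins, `*` as catch-all) and the catch-all server name are assumptions.

```python
# Added illustration: models split-DNS server selection by domain suffix.
# The matching rules (label-boundary suffix match, most specific rule wins,
# "*" as catch-all) are assumptions, not ScreenOS's documented behaviour.

# Constructed rule table using the zones named in the post; the "*" entry
# and its server name are hypothetical.
RULES = {
    "meinezone1.de": "ns1.domain.de",
    "meinezone2.de": "ns2.domain.de",
    "*": "default-resolver.example",
}


def normalize(name):
    """Lower-case and strip the trailing root dot so comparisons are stable."""
    return name.strip().rstrip(".").lower()


def select_server(qname, rules=RULES):
    """Return (matched_rule, server) for a query name, or (None, None)."""
    labels = normalize(qname).split(".")
    table = {normalize(k): v for k, v in rules.items() if k != "*"}
    # Try the full name first, then drop leading labels one at a time, so the
    # most specific rule wins and matches only occur on label boundaries.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in table:
            return candidate, table[candidate]
    if "*" in rules:
        return "*", rules["*"]
    return None, None


def audit(qnames, rules=RULES):
    """Map each query name to the server it would be sent to."""
    return {q: select_server(q, rules)[1] for q in qnames}


if __name__ == "__main__":
    # Constructed sample queries, including a look-alike name.
    samples = ["www.meinezone1.de", "MAIL.meinezone2.de.",
               "notmeinezone1.de", "example.org"]
    for q, server in audit(samples).items():
        print(f"{q:24} -> {server}")
```

Matching on whole labels keeps a look-alike name such as notmeinezone1.de from being forwarded to the server reserved for meinezone1.de, which a plain string-suffix comparison would allow.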