Configure a DNS Server Profile
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
-
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
Configure a DNS Server Profile
Configure a DNS
Server Profile, which simplifies configuration of a virtual
system. The Primary DNS or Secondary
DNS address is used to create the DNS request that the
virtual system sends to the DNS server.
- Name the DNS server profile, select the virtual system to which it applies, and specify the primary and secondary DNS server addresses.
- Select DeviceServer ProfilesDNS and Add a Name for the DNS server profile.For Location, select the virtual system to which the profile applies.For Inheritance Source, select None if the DNS server addresses are not inherited. Otherwise, specify the DNS server from which the profile should inherit settings. If you choose a DNS server, click Check inheritance source status to see that information.Specify the IP address of the Primary DNS server, or leave as inherited if you chose an Inheritance Source.Keep in mind that if you specify an FQDN instead of an IP address, the DNS for that FQDN is resolved in DeviceVirtual SystemsDNS Proxy.Specify the IP address of the Secondary DNS server, or leave as inherited if you chose an Inheritance Source.Configure the service route that the firewall automatically uses, based on whether the target DNS Server has an IP address family type of IPv4 or IPv6.
- Click Service Route IPv4 to enable the subsequent interface and IPv4 address to be used as the service route, if the target DNS address is an IPv4 address.Specify the Source Interface to select the DNS server’s source IP address that the service route will use. The firewall determines which virtual router is assigned that interface, and then does a route lookup in the virtual router routing table to reach the destination network (based on the Primary DNS address).Specify the IPv4 Source Address from which packets going to the DNS server are sourced.Click Service Route IPv6 to enable the subsequent interface and IPv6 address to be used as the service route, if the target DNS address is an IPv6 address.Specify the Source Interface to select the DNS server’s source IP address that the service route will use. The firewall determines which virtual router is assigned that interface, and then does a route lookup in the virtual router routing table to reach the destination network (based on the Primary DNS address).Specify the IPv6 Source Address from which packets going to the DNS server are sourced.Click OK.Commit the configuration.Click OK and Commit.