Prisma Access
DNS Resolution for Mobile Users—Explicit Proxy Deployments (Panorama)
Table of Contents
DNS Resolution for Mobile Users—Explicit Proxy Deployments (Panorama)
This task shows the possible configurations you can use for Prisma Access to resolve
DNS queries for Explicit Proxy users.
To configure DNS Proxy settings, complete the following steps:
- Add an Explicit Proxy DNS server rule.
- Go to .Select .
![]()
Add to add a region. Select a region or location or select Worldwide.![]()
Add a unique RULE NAME. If you want your internal DNS server to only resolve the domains you specify, enter the domains to resolve in the DOMAIN LIST. Specify an asterisk in front of the domain; for example, *.acme.com.Add a custom IP address under PRIMARY DNS and SECONDARY DNS. You can either Use Cloud Default or use a Custom DNS Server.![]()
If you have a Custom DNS Server that can access your internal domains, specify the Primary DNS and Secondary DNS server IP addresses.Select OK to save the region and the rule.Use Static IP entries to resolve FQDNs to specific IP addresses.Add UDP Queries Retries. You can add Interval (Sec) and specify the number of Attempts for the query.If you want to enable handling of DNS RCODEs, enable Advanced RCODE Support to allow the primary DNS server to fail over to the secondary DNS server, and OK.A DNS response code of SERVFAIL refers to a communication error with the primary DNS server, and a DNS response code of REFUSED means that the primary DNS server refused to provide the requested information. In both cases, the service fails over to the secondary DNS server.Commit and push to Explicit_Proxy_Device_Group.
