Configuring the DNS Server
In the Device > DNS page you can configure the DNS server configuration and define the domain name.
Configure DNS Servers
-
Select to define up to three DNS servers which is applied to all Internet connections or use the DNS configuration provided by the active Internet connection (Primary).
If you select Configure DNS servers, make sure that you enter valid IP addresses.
Use the first option if your DNS servers are located in the headquarters office. In this case, all DNS requests from this branch office are directed to these DNS servers.
The second option allows a more dynamic definition of DNS servers. The gateway uses the DNS settings of the currently-active Internet connection (in case of static IP – the DNS manually provided under "Internet connection"-> Edit, in case of DHCP / Dialers – the DNS automatically provided by the ISP). If Internet Connection High Availability is enabled, the DNS servers switch automatically upon failover.
-
By default, the appliance functions as your DNS proxy and provides DNS resolving services to internal hosts behind it (network objects). This option is global and applies to all internal networks.
To get IP addresses directly from the DNS servers defined above, clear the Enable DNS Proxy checkbox.
When DNS proxy is enabled, Resolve Network Objects controls if the DNS proxy treats the local network objects as a hosts list. When selected, the local DNS servers resolves network object names to their IP addresses for internal network clients.
-
Enter a Domain Name. There are two separate uses of the domain name:
-
Local hosts (the Security Gateway
A dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. and network objects) are optionally appended with the domain name when DNS resolving is performed. -
DNS queries that do not contain a domain name are automatically appended with the domain name.
Note - Syntax guidelines:
-
The domain name must start and end with an alphanumeric character.
-
The domain name can contain periods, hyphens, and alphanumeric characters.
-
-
Click Apply
Forwarding the DNS requests from internal hosts to the configured DNS servers
In versions R81.10.15 and higher
The default behavior is to forward the DNS requests only to the DNS servers configured in the Primary Internet connection.
Starting in this version, you can change the behavior to forward DNS requests to all configured DNS servers.
-
In WebUI, click the Device view.
-
In the Advanced section, click Advanced Settings.
-
Search for: Enable primary DNS only.
-
Double-click this setting.
-
Clear the checkbox Enable primary DNS only.
-
Click Save.
In version R81.10.10 Builds 996002874 and higher
Starting in this build, you can change the behavior to forward the DNS requests only to the DNS servers configured in the Primary Internet connection.
-
In WebUI, click the Device view.
-
In the Advanced section, click Advanced Settings.
-
Search for: Enable primary DNS only.
-
Double-click this setting.
-
Select the checkbox Enable primary DNS only.
-
Click Save.
In version R81.10.10 Builds lower than 996002874
The default behavior is to forward DNS requests to all configured DNS servers.
It is not possible to change this behavior.
In version R81.10.08 Builds B996001735 and higher
The default behavior is to forward the DNS requests only to the DNS servers configured in the Primary Internet connection.
Starting in this build, you can change the behavior to forward DNS requests to all configured DNS servers.
-
In WebUI, click the Device view.
-
In the Advanced section, click Advanced Settings.
-
Search for: Enable primary DNS only.
-
Double-click this setting
-
Clear the checkbox Enable primary DNS only/
-
Click Save.
In version R81.10.08 (Builds lower than B996001735) and lower versions
The default behavior is to forward DNS requests to all configured DNS servers.
It is not possible to change this behavior.