Define External DNS Server elements
There are some cases in which you must define an External DNS Server element.
- (Firewalls only) For dynamic DNS (DDNS) updates with a Multi-Link configuration.
- (Firewalls only) If you want to use a DNS server for resolving malware signature mirrors.
- If you want to use a DNS server for resolving domain names and URL filtering categorization services on Firewalls, IPS engines, and Layer 2 Firewalls.
You can also optionally use External DNS Server elements to specify the DNS servers to which the firewall forwards DNS requests when you configure DNS relay.
For more details about the product and how to configure features, click Help or press F1.
Steps
-
Select
Configuration.
External DNS Server Properties dialog box
Use this dialog box to define external Domain Name System (DNS) Server properties.
| Option | Definition |
|---|---|
| General tab | |
| Name | The name of the element. |
| IP Address | Enter the IP address of the server. |
| Resolve | Automatically resolves the IP address of the server. |
| Time to Live | Defines how long a DNS entry can be cached before querying the DNS server again.
The default is 1 second. |
| Update Interval | Defines how often the DNS entries can be updated to the DNS server if the link status changes constantly.
The default is 10 seconds |
| Secondary IP Addresses | Specifies any additional device IP addresses. You can enter the additional IP addresses here instead of creating more elements for the other IP addresses. The secondary IP addresses are valid in policies and in routing and antispoofing. You can add several IPv4 and IPv6 addresses (one at a time). Click Add to add an element to the list, or Remove to remove the selected element. |
| Category (Optional) |
Includes the element in predefined categories. Click Select to select a category. |
| Tools Profile | Adds commands to the element right-click menu.Click Select to select an element. |
| Comment (Optional) |
A comment for your own reference. |
| Option | Definition |
|---|---|
| Monitoring tab | |
| Log Server | The Log Server that monitors the status of the element. |
| Status Monitoring | When selected, activates status monitoring for the device. You must also select the Probing Profile that contains the definitions for the monitoring. When you select Status Monitoring, the element is added to the tree in the Home view. |
| Probing Profile | Shows the name of the selected Probing Profile. Click Select to select a Probing Profile element. |
| Log Reception | Activates syslog reception from this device. You must select the Logging Profile that contains the definitions for converting the syslog entries to SMC log entries. You must also select the Time Zone in which the device is located. By default, the local time zone of the computer you are using is selected. |
| Logging Profile | Shows the name of the selected Logging Profile. Click Select to select a Logging Profile element. |
| Time Zone | Selects the time zone for the logs. |
| Encoding | Selects the character set for log files. |
| SNMP Trap Reception | Enables the reception of SNMP traps from the third-party device. |
| NetFlow Reception | Enables the reception of NetFlow data from the third-party device. The supported versions are NetFlow v5, NetFlow v9, and IPFIX (NetFlow v10). |
| Option | Definition |
|---|---|
| NAT tab | |
| Firewall | Shows the selected firewall. |
| NAT Type | Shows the NAT translation type: Static or Dynamic. |
| Private IP Address | Shows the Private IP Address. |
| Public IP Address | Shows the defined Public IP Address. |
| Port Filter | Shows the selected Port Filters. |
| Comment | An optional comment for your own reference. |
| Add NAT Definition | Opens the NAT Definition Properties dialog box. |
| Edit NAT Definition | Opens the NAT Definition Properties dialog box for the selected definition. |
| Remove NAT Definition | Removes the selected NAT definition from the list. |