Hi Folks,

I am aware of the functionality of DNS proxy under ISP redundancy configuration. However, wondering if is it safe to be used in production? Can CheckPoint still offer support if any issue occurs?

And in my below setup - please let me know if my understanding is correct.

I have zone example.com which NS is set at let's say GoDaddy

Now I set up test.example.com website behind my CheckPoint. My firewall topology is

1. ISP-1 1.1.1.1
2. ISP-2 2.2.2.2

test.example.com Natted with 1.1.1.10 and 2.2.2.10. In this case, if I need to achieve incoming traffic failover I need point NS internally. So, I could create sub-domain delegation for zone

test.example.com NS

ns1.test.example.com 1.1.1.5

ns2.test.example.com 2.2.2.5

In this case when test.example.com is resolved; I will be forwarded to 1.1.1.5 and CheckPoint should intercept it and provide me with the IP address of that link respectively?