Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
gcarella
Participant
Jump to solution

How to edit hosts file on Quantum Spark 1590 Appliance

Hi all,

 

I have a simple question to ask to the community. How I can set permanently an entry on the hosts file of the firewall?

My setup is a 1590 Quantum Spark appliance running R80.20.25.

I need to resolve a specific FQDN into a specific IP and not using public DNS servers.

There is no way to do this from GUI, also clish commands are not working or accepted.

So I've tried to edit /etc/hosts file in expert mode, but any change is overwritten automatically after some time. When I write inside /etc/hosts file an entry, this works only for some time. After a while it's overwritten and deleted reverting back the file to default.

 

Any idea?

 

Thank you,

Gianluigi Carella

 

0 Kudos
1 Solution

Accepted Solutions
Tom_Hinoue
Advisor
Advisor

Do you have [Enable DNS Proxy] and [Resolve Network Objects] checked in global DNS settings?

Also not to forget to check [Allow DNS server to resolve this object name] on your network object, and it should work.

netobj_dns.png

View solution in original post

11 Replies
PhoneBoy
Admin
Admin

Editing certain underlying Unix files like that is not supported.
You need to create a specific object for that FQDN either in the WebUI or via the add host CLI command.

0 Kudos
gcarella
Participant

OK but I've tried using a network object and it doesn't work.

When I try to ping the FQDN the IP is resolved with the public IP and not the private one that I have explicitly configured in the network object.

 

What I'm doing wrong?

 

Thanks.

 

0 Kudos
PhoneBoy
Admin
Admin

Is an entry being created in the /etc/hosts file when you create the object?
It is for me when I do it on R80.20.30 firmware anyway.

13D8F8A0-7081-4560-97E8-11CC75C91D78.jpeg

0 Kudos
gcarella
Participant

tried many times, but /etc/hosts doesn't reflect what I've configured as network object.

0 Kudos
Tom_Hinoue
Advisor
Advisor

Do you have [Enable DNS Proxy] and [Resolve Network Objects] checked in global DNS settings?

Also not to forget to check [Allow DNS server to resolve this object name] on your network object, and it should work.

netobj_dns.png

gcarella
Participant

Yeah. This works for me. The solution was for all this time under my eyes.

0 Kudos
Check07090
Participant

After doing  [Enable DNS Proxy] and [Resolve Network Objects] checked in global DNS settings and [Allow DNS server to resolve this object name] on network object, do we still need to make the entries in /etc/hosts file...? Or only making these settings on firewall level only will resolve the DNS since after these settings on firewall level only, I am not able to ping the network object from my desktop while in firewall DNS lookup, object is resolving the IP...

Can any one plz help here...

0 Kudos
G_W_Albrecht
Legend Legend
Legend

No, entries in firewall  /etc/hosts file are defined in WebGUI. Did you look at the hops ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Check07090
Participant

While checking by tracert in command prompt it is showing as 'Unable to resolve target system name xyz.in' 😕

0 Kudos
Check07090
Participant

I just got it work... Since I have manually entered the Google DNS (8.8.8.8) on end user nodes that's why it was not resolving the network objects of CP firewall. Now I mentioned the gateway address in DNS and it starts working...😃

If I don't mention the gateway address in DNS on end user node on ethernet then it doesn't work. Please suggest that mentioning the gateway address in DNS on end user node ethernet is good idea ...?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Setting the gateway LAN IP in the client DNS settings is a requirement for DNS proxy to work, correct.

CCSM R77/R80/ELITE

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events