This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
cp-bc123
Participant
‎2020-05-12 09:48 AM

DNS Server Replace

Hi,

 

I am trying to replace DNS servers IPs on gateways. after I changed IP address of primary and secondary and tertiary DNS server.

 

I noticed DNS queries were still being made agaisnt the old ones.

 

How can I force or restart dns service of the gateway to start using the new ones?

 

if there are proper steps I should take to make this change, can you share please?

0 Kudos
9 Replies
PhoneBoy
Admin
Admin
‎2020-05-12 07:52 PM

It's possible one or more processes have cached the DNS Servers to use.
You may need to perform a cprestart (which is service impacting) to fix this.
0 Kudos
cp-bc123
Participant
‎2020-05-14 10:09 AM
In response to PhoneBoy

Thank you for the reply.

 

I did cprestart but not all the cp services come back online . so I ended up rebooting the box as we have HA.

0 Kudos
DR_74
Collaborator
‎2023-03-14 08:32 AM
In response to cp-bc123

Hello,

Does the reboot solves your issue?

We have the same behaviour on a R81.10 Gateway (with VSX), and even after changing the DNS servers, we still see requests to the old DNS servers.

Thanks

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-03-15 12:47 AM
In response to DR_74

Yes most likely this will address the issue based on my prior experience. 

CCSM R77/R80/ELITE
0 Kudos
JohAicher
Explorer
‎2023-03-20 05:51 AM
In response to Chris_Atkinson

cpwd_admin stop -name WSDNSD -path "$FWDIR/bin/wsdnsd" -command "fw kill wsdnsd"; cpwd_admin start -name WSDNSD -path "$FWDIR/bin/wsdnsd" -command "wsdnsd"

0 Kudos
JohAicher
Explorer
‎2023-03-20 05:54 AM
In response to JohAicher

sk161632

 

0 Kudos
_Val_
Admin
Admin
‎2023-03-20 06:38 AM
In response to JohAicher

Uh, so the question was about DNS related to HTTPSi or updatable objects, or both? 

0 Kudos
DR_74
Collaborator
‎2023-03-20 06:42 AM
In response to _Val_

Hi Val

Exactly the question was about changing the DNS server for the VSX. When we change them from VS0 for all the other vs we notice that we still have requests to the old DNS servers. Show dns show the correct DNS servers

Do we need to reboot or is the a known command to ask to use the new DNS

Regards

0 Kudos
JohAicher
Explorer
‎2023-03-21 07:36 AM
In response to DR_74

just run:

 

cpwd_admin stop -name WSDNSD -path "$FWDIR/bin/wsdnsd" -command "fw kill wsdnsd"; cpwd_admin start -name WSDNSD -path "$FWDIR/bin/wsdnsd" -command "wsdnsd"

and you see that the DNS queries goes to the new DNS Server - for all services running on the CP box

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top