Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Rabindra_Khadka
Contributor

How to clear the DNS Cache in Checkpoint Firewall.

Hi @PhoneBoy 

 

Do you have an idea regarding "How to clear the DNS Cache in Checkpoint Firewall".

We remove the DNS server in checkpoint Gateway but it still sends the DNS query to the DNS server.

 

Thank You

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

You mean you removed the configured DNS server from Gaia OS so none is configured?
Very much not a recommended configuration as MANY services require DNS and will not function properly without it.

In any case, this may be cached elsewhere in the Security Gateway and cprestart (outage inducing) may be required to clear it.

0 Kudos
Rabindra_Khadka
Contributor

I have configured a proxy server for updates and DNS resolving, so I don't need DNS server configuration in my checkpoint firewall and I have removed it.

However, the firewall is still trying to connect to the DNS server.

I checked the proxy configuration and it is working fine. My firewall is reaching the internet via a proxy server.

 

Does it really require rebooting the firewall? 

0 Kudos
Vladimir
Champion
Champion

You should be using your internal DNS server for Check Point gateways.

If your internal DNS server forwarding the DNS requests to a DNS proxy, you will not be connecting from the gateway to the public DNS and would fill the requirements without breaking functionality.

0 Kudos
PhoneBoy
Admin
Admin

There are still other reasons DNS are needed on the gateway, so not having this configured is NOT recommended.
A cprestart is NOT a reboot, but it does restart all Security Gateway services (and causes an outage). 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events