Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
sudheerkumar
Explorer

enable domain lookup for objects in the policy .

Currently firewall R80.10 policies are permitted solely based on ip addresses.
Our client is  running on dynamic IP. Can we whitelist client domain name from firewall instead of IPs while firewall can handle the dns lookup on client host url ? 

DNS servers also not configured on firewall.

Please advise .

Thanks

0 Kudos
6 Replies
G_W_Albrecht
Legend Legend
Legend

Sorry, i do not understand what you are asking. Using IPs in Firewall policy may or may not be a good idea, also that DNS servers are not configured on firewall which is usually a must. Read the Next Generation Security Gateway R80.40 Administration Guide to learn more...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
sudheerkumar
Explorer

Firewall Objects are IP addresses . I was asking about using domain name/url  in place Ip address.

0 Kudos
Chris_Atkinson
Employee Employee
Employee

The use case of domain objects is outlined in sk120633, FQDN mode is recommended.

CCSM R77/R80/ELITE
0 Kudos
sudheerkumar
Explorer

Thanks will check sk120633.   Wonder where / which DNS resolve the object dns name ?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

The DNS settings that you configure in Gaia Web UI / Clish of the Gateway.

CCSM R77/R80/ELITE
0 Kudos
sudheerkumar
Explorer

I am still confused with the steps.

I need to configure rule for

source - 192.168.12.2 (ex. 118.21.31.42 )
Destination - asd-drs-au.pay.robert.com

I will configure local DNS on gaia

on smart console How to create what object . Please help .

 

also concerned about sk133313.

Thanks

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events