This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ale_G
Participant
3 weeks ago

DNS Forwarding only for specific domain

Hello everyone,
Hardware: Spark 1535
Version: R82


I plan to use this firewall as the DNS server for the entire managed network.
I need to configure DNS forwarding only for one specific domain: file.core.windows.net.

google.com -> resolved by the DNS servers configured on the firewall
a.file.core.windows.net → forwarded for resolution to a different DNS server

For this type of appliance I have seen that there isn't way to configure DNS forwarding.

Is there another way to do that?

I tried to follow the article below, but it didn’t work in my case. Am I missing something?

Solved: DNS forwarding for internal domain - Check Point CheckMates

Many thanks,

Alessandro

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
3 weeks ago

Considering the platform includes dnsmasq, which can absolutely perform this task, it should be possible.
That said I don't have access to an R82-based unit to confirm if the process in that thread will work.
It might be possible with some manual configuration applied to /pfrm2.0/etc/dnsmasq.conf.

0 Kudos
Ale_G
Participant
3 weeks ago
In response to PhoneBoy

I tried using the script from the article, but it didn’t work.

#!/bin/sh
kill -9 $(cat /var/run/dnsmasq.pid)
DOMAIN=$(cat /etc/resolv.conf | grep search | awk {'print $2'})
if [ -z "$DOMAIN" ]; then
/pfrm2.0/bin/dnsmasq -y -x /var/run/dnsmasq.pid -h -H /var/hosts -c 0\
 --server=/file.core.windows.net/172.10.11.12
else
/pfrm2.0/bin/dnsmasq -y -x /var/run/dnsmasq.pid -h -H /var/hosts -c 0 -E --domain=#\
 --server=/file.core.windows.net/172.10.11.12
fi
unset DOMAIN

 Regarding the dnsmasq.conf file, could we try adding the following line?

server=/file.core.windows.net/172.10.11.12
0 Kudos
PhoneBoy
Admin
Admin
3 weeks ago
In response to Ale_G

That looks about right.
Not sure if dnsmasq.conf is preserved with firmware upgrades or not (or even a reboot).

0 Kudos
Ale_G
Participant
3 weeks ago
In response to PhoneBoy

From what I understand, the userScript file is executed at every appliance boot, so even if the dnsmasq.conf file is not preserved, the script should take care of fixing it. However, it still doesn’t work. I tried both from a client and from the tool integrated in the Gaia GUI, and it keeps going to the DNS servers configured on the appliance instead of the one configured in the configuration file

2026-04-21_083209.png2026-04-21_083734.png

 

 

 

 

 

 

When executing the script manually, no errors are reported, which suggests that the root cause is likely elsewhere. I will continue with further testing and analysis.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 19 May 2026 @ 08:00 AM (EDT)

    Montreal: P’tits déj Cyber! | Cyber Breakfasts!
    In-Person

    Tue 02 Jun 2026 @ 09:00 AM (CEST)

    CheckMates Live Denmark - Aarhus
    In-Person

    Wed 03 Jun 2026 @ 09:00 AM (CEST)

    CheckMates Live Denmark - Copenhagen
    CheckMates Events