Can you please help us the working of Accept Domain name over UDP (queries) and Accept Domain Name over TCP (Zone transfer) in the global properties.
If we enable what it exactly does.
Hi Vengatesh SR,
This option will enabled DNS queries on UDP/53 and DNS zone transfer over TCP/53 using a implicit rule. In other words, it not necessary create a rule on rulebase to accept dns traffic if this option is enabled.
yes we can see the implicit rule created if we enable the Accept Domain name over UDP (queries) and Accept Domain Name over TCP (Zone transfer). We have already enabled it in our production device. We need to know if we can disable it now we will get any impact or not.
And also wanted to know what it exactly does if we kept enabled.
If you disable these global properties, then DNS lookups and zone transfers through the firewall will be blocked unless it is permitted by a different rule.
If you don't know if these things are happening through the he Security Gateway, then I recommend logging Implied Rules for a time before deciding to disable these properties.
Retrieving data ...