This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Blason_R
Leader
Leader
‎2023-08-11 01:12 AM
Jump to solution

Can CheckPoint harmony IA and ZTNA from other vendor coexist?

Hi Team,

I am trying a scenario wherein customer already has a ZTNA solution from zscaler and we are going to deploy Harmony IA. So, customer is using zscaler for accessing internal resourced while harmony IA is going to prevent user's internet behaviour.

Now the confusion is - About DNS

Which DNS will be used in this case?

I see CheckPoint Harmony is going to tunnel all the DNS queries

So, in that case if customer is accessing internal resources using FQDN with his internal domain name; I guess checkpoint will resolve it. Since the all the DNS queries are being tunnel by checkpoint for internet access.

Even if I try bypassing those domains e.g. example.local someone has to resolve the FQDNs associated with exmample.local then those will be bypassed.

The main issue I believe will be DNS traffic routes.

Please advise

TIA

Blason R

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
1 Solution

Accepted Solutions
Blason_R
Leader
Leader
‎2023-08-27 11:34 PM
In response to PhoneBoy
Jump to solution

They eventually are; however as suspected facing a dns issue and for that we are now working with TAC

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS

View solution in original post

0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2023-08-24 08:38 AM
Jump to solution

The determination about what DNS server to use for what is ultimately up to Windows.
The following might help: https://serverfault.com/questions/84291/how-does-windows-decide-which-dns-server-to-use-when-resolvi... 
As for the clients co-existing, the answer is "they can" but it truly depends on the clients and it's not 100% guaranteed.

Blason_R
Leader
Leader
‎2023-08-27 11:34 PM
In response to PhoneBoy
Jump to solution

They eventually are; however as suspected facing a dns issue and for that we are now working with TAC

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
Upcoming Events

    CheckMates Events