Configure DNS

The NGFW Engine uses domain name system (DNS) servers to resolve domain names to IP addresses.

Note: This feature requires Internet connectivity.

The NGFW Engine needs DNS resolution to contact services that are defined using URLs or domain names, and to resolve fully qualified domain names (FQDNs) used in policies.

There are two ways to define DNS servers:

  • You can create reusable DNS Server elements.
  • You can add the IP addresses of DNS servers directly to the NGFW Engine properties.

You can add several DNS servers to the NGFW Engine. The NGFW Engine uses the DNS servers in the order that they are listed. If the first DNS server is not available, the NGFW Engine uses the next DNS server in the list.

Steps

  1. (Optional) Create a DNS Server element.
    This element can be found under Elements > Network Elements > Server.
  2. Browse to NGFW > Properties > General.
  3. In the DNS Servers field, define the DNS server in one of the following ways:
    • Select > Element, then click the Element field and select the DNS Server element. Type part of the name of an element or browse through the drop-down list to select an element.
    • Select > Address, then enter the IP address of the DNS server.
  4. Click Save.
  5. Publish the changes.

Example

Fields marked with an asterisk in the user interface are mandatory.

Table 1. DNS Server element
Option Definition
IP List The IP addresses of the DNS server.

Enter one IP address per row. If you have a list of IP addresses where each IP address is on a separate row, you can copy and paste the list.To remove a row, click Remove next to the row. To remove all rows, click Clear All.
Time To Live Defines how long a DNS entry can be cached before querying the DNS server again.
Update Interval Defines how often the DNS entries can be updated to the DNS server if the link status changes constantly.