Define External DNS Server elements

There are some cases in which you must define an External DNS Server element.

  • (Firewalls only) For dynamic DNS (DDNS) updates with a Multi-Link configuration.
  • (Firewalls only) If you want to use a DNS server for resolving malware signature mirrors.
  • If you want to use a DNS server for resolving domain names and URL filtering categorization services on Firewalls, IPS engines, and Layer 2 Firewalls.

You can also optionally use External DNS Server elements to specify the DNS servers to which the firewall forwards DNS requests when you configure DNS relay.

If the device has additional IP addresses, you can enter them as secondary IP addresses instead of creating additional External DNS Server elements. However, secondary IP addresses are only used in the Source and Destination cells in rules. They are ignored otherwise.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Select Configuration, then browse to Network Elements.
  2. Right-click Servers, then select New > External DNS Server.
  3. In the Name field, enter a unique name.
  4. In the IP address field, enter the IP address of the server.
    Note: Only IPv4 addresses are supported for DNS servers for DDNS updates.
  5. Configure the other settings.
  6. Click OK.

External DNS Server Properties dialog box

Use this dialog box to define external Domain Name System (DNS) Server properties.

Option Definition
General tab
Name The name of the element.
IP Address

The IP address of the server. Click Resolve to automatically resolve the IP address of the server.

Note: Only IPv4 addresses are supported for DNS servers for DDNS updates.
Time to Live Defines how long a DNS entry can be cached before querying the DNS server again.

The default is 1 second.

Update Interval Defines how often the DNS entries can be updated to the DNS server if the link status changes constantly.

The default is 10 seconds

Secondary IP Addresses Specifies any additional device IP addresses.

You can enter the additional IP addresses here instead of creating more elements for the other IP addresses. The secondary IP addresses are valid in policies and in routing and antispoofing. You can add several IPv4 and IPv6 addresses (one at a time).

Click Add to add an element to the list, or Remove to remove the selected element.
Category

(Optional)

Includes the element in predefined categories. Click Select to select a category.
Tools Profile Adds commands to the right-click menu for the element. Click Select to select an element.
Comment

(Optional)

A comment for your own reference.
Option Definition
Monitoring tab
Log Server The Log Server that monitors the status of the element.
Status Monitoring When selected, activates status monitoring for the device. You must also select the Probing Profile that contains the definitions for the monitoring. When you select Status Monitoring, the element is added to the tree in the Dashboard view.
Probing Profile Shows the name of the selected Probing Profile. Click Select to select a Probing Profile element.
Log Reception Activates syslog reception from this device. You must select the Logging Profile that contains the definitions for converting the syslog entries to SMC log entries. You must also select the Time Zone in which the device is located. By default, the local time zone of the computer you are using is selected.
Logging Profile Shows the name of the selected Logging Profile. Click Select to select a Logging Profile element.
Time Zone Selects the time zone for the logs.
Encoding Selects the character set for log files.
SNMP Trap Reception Enables the reception of SNMP traps from the third-party device.
NetFlow Reception Enables the reception of NetFlow data from the third-party device. The supported versions are NetFlow v5, NetFlow v9, and IPFIX (NetFlow v10).
Option Definition
NAT tab

(All optional settings)

Firewall Shows the selected firewall.
NAT Type Shows the NAT translation type: Static or Dynamic.
Private IP Address Shows the Private IP Address.
Public IP Address Shows the defined Public IP Address.
Port Filter Shows the selected Port Filters.
Comment An optional comment for your own reference.
Add NAT Definition Opens the NAT Definition Properties dialog box.
Edit NAT Definition Opens the NAT Definition Properties dialog box for the selected definition.
Remove NAT Definition Removes the selected NAT definition from the list.