How safe is it to allow port 53 any

How safe is it to add the rule any--port 53--any as the first rule?


  • Not very.

    Are you trying to allow inbound or outbound?

    Barry
  • Not a good idea.  If you're trying to give internal systems outbound DNS lookup capability, add an Internal Network(s) -> DNS -> ANY rule.  Even better, configure the DNS Proxy on the Astaro, and point the internal clients / servers at that.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.
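
To see why the broad rule is risky, here is an added example (not from the thread, and not Astaro's own rule engine) that models first-match packet filtering and compares any -> 53 -> any as the first rule against Internal Network(s) -> DNS -> ANY. The addresses, the trailing drop rule, and the simplification to destination port only (no protocol or state tracking) are assumptions made for illustration.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("192.168.10.0/24")   # constructed internal LAN
ANY = ipaddress.ip_network("0.0.0.0/0")

# Rules are (source network, destination network, destination port, action),
# evaluated top-down with first match winning; unmatched traffic is dropped.
BROAD = [(ANY, ANY, 53, "allow"),             # any -> port 53 -> any as first rule
         (ANY, INTERNAL, None, "drop")]       # later drop never sees port 53 traffic
SCOPED = [(INTERNAL, ANY, 53, "allow"),       # Internal Network(s) -> DNS -> ANY
          (ANY, INTERNAL, None, "drop")]

def decide(rules, src, dst, dport):
    """Return the action of the first rule matching the packet, else 'drop'."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r_src, r_dst, r_port, action in rules:
        if src in r_src and dst in r_dst and r_port in (None, dport):
            return action
    return "drop"

# Constructed test flows (documentation address ranges).
FLOWS = {
    "internal client -> external resolver": ("192.168.10.20", "198.51.100.53", 53),
    "internet host -> internal server:53": ("203.0.113.7", "192.168.10.5", 53),
    "internet host -> internal server:80": ("203.0.113.7", "192.168.10.5", 80),
}

def compare():
    """Map each flow name to (action under BROAD, action under SCOPED)."""
    return {name: (decide(BROAD, *f), decide(SCOPED, *f)) for name, f in FLOWS.items()}

if __name__ == "__main__":
    for name, (broad, scoped) in compare().items():
        print(f"{name:40} broad={broad:5} scoped={scoped}")
```

Both rule sets let internal clients resolve names, but only the broad rule also admits unsolicited traffic from outside to port 53 on internal hosts, because it matches before any later drop rule is consulted.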

  • Even better, configure the DNS Proxy on the Astaro, and point the internal clients / servers at that.


    Bruce is right.  It's generally faster, finds your internal DNS static listed devices, remembers the places you and your office mates go to regularly, creates less traffic on your internet links.  Better all around.
  • Internal Network(s) -> DNS -> ANY rule
    This is a good idea, but how about if we have a primary DNS in the DMZ and a secondary remotely located at a branch office? In this case we also need zone transfer to work, which needs outside access to the DMZ DNS.
  • I would run Zone transfers over a VPN or P2P link... you can configure your internal DNS to do so.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com