Configure the Appliance in DNS Mode
Configure the Appliance in DNS Mode
Note
DNS Connector and DNS mode on DPoP will be retired on 9/30/24. Refer to EOL for DNS Connector & DNS Mode on DPoP for more details.
To configure the appliance in DNS mode,
Note
In appliance version 58 and later, the CLI property listener-ip
is changed to listener-interface
in configuration commands.
- Configure the IP address that the appliance uses to listen for DNS requests. This address is the first address specified for the inbound interface IP. If an IP range was specified for inbound , use the first IP address in that range (in canonical order), or use inbound interface’s IP.
set dataplane proxy-mode dns listener-ip 172.16.1.10
or,
set dataplane proxy-mode dns listener-interface dp1
- Configure the addresses that the appliance uses for DNS responses from cloud app domains. This addresses will be from the range of addresses specified for the inbound interface IP.
set dataplane proxy-mode dns application-ips 172.16.1.10-172.16.1.60,172.16.1.64,172.16.1.65-172.16.1.125,172.16.1.200-172.16.1.225
- Configure the default IP address that the appliance uses to listen to the client traffic. This address is the first address configured on the inbound interface.
set dataplane proxy-listener-ip 172.16.1.10
or,
set dataplane proxy-listener-interface dp1
- Enable DNS service on the appliance.
set dataplane proxy-mode dns enable true
- Configure the primary upstream DNS Server in the network.
set dns primary <primary upstream dns server> set dns secondary <secondary upstream dns server>