Hello,
I have already seen the DNS Best Practice article and the UTM help section, but I still have questions about how to change my DNS server correctly. At the moment I use the UTM as DNS server, and I have already created all my internal devices as host objects with the DNS name and reverse DNS marked. The clients receive domain.local via DHCP and the DNS configuration via the UTM.
Web Filtering SSL Proxy in Transparent Mode is active and I have also defined Multipath Routes:
Interfaces – Multipath Routes:
- PC1 – Any – Internet IPv4 – External (WAN)
- PC2 – Any – Internet IPv4 – DMZ VPN
Actual DNS config with UTM:
Under DNS – Global – Allowed Networks:
- DMZ VPN Network
- Internal Network
DNS Forwarders:
- External Forwarders: Google (Host Object)
Request Routing:
- 168.192.in-addr.arpa -> UTM
- 33.172.in-addr.arpa -> UTM
- utm.local -> UTM
Planned config with Linux DNS server:
I have now installed an internal Linux DNS server with the following config:
- IP: 192.168.0.5/24
- GW: 192.168.0.1 (UTM)
- DNS: 127.0.0.1
Under Network Protection – Firewall I have added:
- Source: Linux DNS
- Service: HTTPS (443/tcp), DNS (53/udp)
- Destination: 8.8.8.8 (created Google DNS Host Object)
- Action: Allow
Questions:
- Allowed Networks: As I have created all devices as host objects and allow recursive DNS, can I leave the Internal and DMZ networks here, even with the other internal Linux DNS server (192.168.0.5) specified as forwarder?
- Request Routing: Do I have to change the target here from UTM to the Linux DNS server (domain.local -> Linux DNS), and also the target of the in-addr.arpa networks to the new DNS server? Or can I still leave the UTM here, and will it be sufficient when the Linux DNS server (192.168.0.5) is just specified under Forwarders, which should send the requests out to the external Google DNS server?
Thanks
br
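To see which server ends up answering a given query under a request-routing table like the one in the post, here is an added example (my own code, not from the post or from Sophos) that simulates longest-suffix zone matching, including the derivation of reverse (in-addr.arpa) names from IP addresses. The zone names and the UTM/Google targets come from the post; the `domain.local -> Linux DNS (192.168.0.5)` entry is an assumption reflecting the planned config rather than the current one.

```python
"""Added example: simulate DNS request routing with longest-suffix zone
matching. Not code from the original post or from Sophos UTM."""
import ipaddress

# Constructed routing table modelled on the post's "Request Routing" list.
# Keys are zone names, values are the server that should answer them.
# The domain.local entry is an assumption (the planned config in the post).
REQUEST_ROUTING = {
    "domain.local": "Linux DNS (192.168.0.5)",  # assumed planned entry
    "utm.local": "UTM",
    "168.192.in-addr.arpa": "UTM",
    "33.172.in-addr.arpa": "UTM",
}

# Everything that matches no routed zone goes to the external forwarder.
DEFAULT_FORWARDER = "Google (8.8.8.8)"


def reverse_name(ip: str) -> str:
    """Return the PTR query name for an IPv4 address,
    e.g. 192.168.0.5 -> 5.0.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def route_query(qname: str, routing=None, default=DEFAULT_FORWARDER) -> str:
    """Pick the server for a query name.

    A zone matches when its labels are a suffix of the query's labels;
    the most specific (longest) matching zone wins. Unmatched names fall
    through to the default forwarder.
    """
    routing = REQUEST_ROUTING if routing is None else routing
    labels = qname.rstrip(".").lower().split(".")
    best, best_len = default, -1
    for zone, target in routing.items():
        zlabels = zone.lower().split(".")
        is_suffix = len(zlabels) <= len(labels) and labels[-len(zlabels):] == zlabels
        if is_suffix and len(zlabels) > best_len:
            best, best_len = target, len(zlabels)
    return best


def route_ptr(ip: str) -> str:
    """Route a reverse lookup for an IP address via its in-addr.arpa name."""
    return route_query(reverse_name(ip))


if __name__ == "__main__":
    # Constructed sample queries: internal forward names, internal and
    # external reverse lookups, and a public name.
    for name in ("pc1.domain.local", "utm.local", "www.example.com"):
        print(f"{name:25} -> {route_query(name)}")
    for ip in ("192.168.0.5", "172.33.1.10", "8.8.8.8"):
        print(f"PTR {ip:21} -> {route_ptr(ip)}")
```

Running it shows that a reverse lookup for any 192.168.x.x address lands in the 168.192.in-addr.arpa entry (so the target of that entry decides who answers it), while names and addresses outside the routed zones go to the forwarder regardless of how the reverse zones are targeted.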