DNS - Add DNS Translation to DNS Profile
DNS translation has moved to the DNS profile configuration, allowing different translations to be applied on a per-policy basis. Prior to 6.2, this was a single table outside of the profile.
DNS filter dns-translation enforces what 'a record' (IP address) in a DNS reply will be translated into another IP address, which allows you to control the DNS resolve result.
To configure a DNS filter using the GUI:
- Go to Security Profiles > DNS Filter.
- Enable DNS Translation, configure as follows, and click Appy:
- Apply the DNS filter profile to the firewall policy.
To configure a DNS filter using the CLI:
config dnsfilter profile
set src 22.214.171.124
set dst 10.1.100.99
set netmask 255.255.255.255