DNS - Add DNS Translation to DNS Profile
DNS translation has moved to the DNS profile configuration, allowing different translations to be applied on a per-policy basis. Prior to 6.2, this was a single table outside of the profile.
DNS filter dns-translation enforces what 'a record' (IP address) in a DNS reply will be translated into another IP address, which allows you to control the DNS resolve result.
To configure a DNS filter using the GUI:
- Go to Security Profiles > DNS Filter.
- Enable DNS Translation, configure as follows, and click Appy:
- Apply the DNS filter profile to the firewall policy.
To configure a DNS filter using the CLI:
- Enable
dns-translation
:config dnsfilter profile
edit "<dns-filter-profile>"
......
config dns-translation
edit 1
set src 93.184.216.34
set dst 10.1.100.99
set netmask 255.255.255.255
next
end
end