Assuming that you allow DHCP to get the IP addresses of the ISP's DNS
severs, the ISP does the DNS for everything except your encryption domain.
You internal DNS servers handle the internal requests.
On the firewall, your dnsinfo file specifies for which domian(s) DNS should
be translated/encrypted. the SecuRemote client downloads the topology from
dnsinfo when a site is created. The SecuRemote client intercepts DNS
requests and if the domain matches that in dnsinfo, it forwards the request
to the internal server. Otherwise, the request goes to the ISP DNS server.
That said, it is possible to specify the internal DNS server on the
SecuRemote client as the only DNS server. If you do this, all DNS requests
go to the internal server.
David Hoobler
-----Original Message-----
From: John Gesualdi [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 07, 2001 12:38 PM
To: Fw1_list (E-mail)
Subject: [FW1] Encrypt DNS question
I've configured my firewall to support the feature that allows the
secure remote clients to resolve internal machine names. It's working
well but I do have a questions on it's operation?
1. A user with a cable modem surfs the Internet, Is my Internal DNS
resolving that or is the ISP DNS doing it? How does that work?
--
John A. Gesualdi, CCNP, CCDP, MCP
[EMAIL PROTECTED]
The Providence Journal Company
Phone (401)277-8133
Pager (401)785-6938
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
