What is Private DNS Override?

Description

The Private DNS Override setting is seen below:

Image

Private DNS Override is responsible for routing traffic to a Hosted Website service while a user is connected to a Service Tunnel that includes the IP or domain of the Hosted Website. The feature is enabled by default; checking the box disables it.


Resolution

While the feature is enabled, if you are connected to a Service Tunnel and try to access a Hosted Website, the AccessTier intercepts the DNS request going down the tunnel. The AccessTier then returns its own IP address instead of looking the name up in DNS. This is the override.

As part of the Service Tunnel's configuration, this IP will have a direct route out of your WiFi. Thus, the traffic for the hosted websites is forced out of the tunnel and into the HTTP L7 Policy setup for the hosted websites.

For example:

  • AccessTier Public IP = 50.16.0.70
  • WebApp-A Internal IP = 10.0.0.5
  • User-A is Connected to a Service Tunnel and wants to access WebApp-A. WebApp-A is secured by both a hosted website and a service tunnel.


When this feature is enabled (default), the client's DNS request for the web server address returns the IP 50.16.0.70, and traffic is routed outside of the tunnel to the AccessTier, which makes the policy decisions.

If the feature is disabled, the DNS request will go through the tunnel and resolve at the AccessTier's or the Connector's DNS Provider to return 10.0.0.5.
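
One way to confirm which path a client will take is to classify the addresses its resolver returns for the hosted website. This is an added example, not part of the original article or the vendor's tooling. The two IPs come from the example above; the 10.0.0.0/24 tunnel route, the function names and the sample answers are assumptions.

```python
import ipaddress
import socket
import sys


def resolve(hostname):
    """Return the IPv4 addresses the local resolver gives for hostname (live lookup)."""
    infos = socket.getaddrinfo(hostname, 443, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def classify_path(answers, access_tier_ip, tunnel_cidrs):
    """Say which enforcement path the resolved addresses lead to.

    answers        -- IP strings returned for the hosted website's name
    access_tier_ip -- AccessTier public IP (50.16.0.70 in the article)
    tunnel_cidrs   -- networks routed through the Service Tunnel (assumed)
    """
    access_tier = ipaddress.ip_address(access_tier_ip)
    tunnel_nets = [ipaddress.ip_network(c) for c in tunnel_cidrs]
    paths = set()
    for answer in answers:
        ip = ipaddress.ip_address(answer)
        if ip == access_tier:
            paths.add("hosted-website")   # override active: HTTP L7 policy applies
        elif any(ip in net for net in tunnel_nets):
            paths.add("service-tunnel")   # override disabled: internal IP via tunnel
        else:
            paths.add("unexpected")       # neither AccessTier nor a tunnel route
    if not paths:
        return "no-answer"
    # Answers that point at different paths mean inconsistent resolution.
    return paths.pop() if len(paths) == 1 else "mixed"


if __name__ == "__main__":
    tier, routes = "50.16.0.70", ["10.0.0.0/24"]   # routes value is assumed
    if len(sys.argv) > 1:
        # Live check: run while connected to the Service Tunnel.
        print(sys.argv[1], classify_path(resolve(sys.argv[1]), tier, routes))
    else:
        # Constructed sample answers for the two states the article describes.
        for sample in (["50.16.0.70"], ["10.0.0.5"], ["50.16.0.70", "10.0.0.5"]):
            print(sample, classify_path(sample, tier, routes))
```

A "service-tunnel" result for a hosted website means its traffic is bypassing the HTTP L7 policy, and "mixed" usually points to a cached answer from before the setting was changed.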
