freeGuard 100 CLI User Manual
47
DNS translation translates IP addresses in packets sent by a DNS server from the internal network to
the external network. Use DNS translation if you have a DNS server on your internal network that can
be accessed by users on the external network to find the IP addresses of servers on your internal
network.
If users on the external network can access a server on your internal network using virtual IP mapping,
you may allow them to find the IP address of the server using a DNS query. If they query a DNS
server that is also on your internal network, the DNS server would return the internal IP address of the
server. The external users would not be able to use this IP address to access the internal server.
Using DNS translation, you can map the internal IP address of the server to an address that external
users can use to access this server. So, when the firewall receives DNS packets from the internal
network that match a DNS translation source address, DNS translation changes the IP address in the
DNS packet to the DNS translation destination IP address and forwards the packet through the firewall
to the external user.
Command syntax pattern
config firewall dnstranslation
edit <id_integer>
set <keyword> <variable>
end
config firewall dnstranslation
edit <id_integer>
unset <keyword>
end
config firewall dnstranslation
delete <id_integer>
end
get firewall dnstranslation [<id_integer>]
show firewall dnstranslation [<id_integer>]
firewall dnstranslation command keywords and variables
Keywords & Variables Description
Default
dst <destination_ipv4>
The destination address can be a single external IP
address or the IP address of a subnet accessible from
the external network.
No default.
netmask
<address_mask>
Set the netmask as required for the source and
destination address type.
No default.
src <source_ipv4>
The source address can be a single IP address on the
internal network or the IP address of a subnet.
No default.
Note:
The source and destination addresses must both be single IP addresses or must both be
subnet addresses. The netmask applies to both the source and destination addresses.
Summary of Contents for freeGuard 100
Page 1: ...freeGuard 100 UTM Firewall CLI USER S MANUAL P N F0025000 Rev 1 1...
Page 3: ......
Page 7: ......
Page 87: ...80 The config ips anomaly command has 1 subcommand config limit...
Page 183: ...176...