Endian banner

DNS

The DNS proxy is a proxy server that intercepts DNS queries and answers them, without the need to contact a remote DNS server each time it is necessary to resolve an IP address or a hostname. When a same query is often repeated, caching its results locally may sensibly improve performances. The available settings for the DNS proxy are grouped into three tabs.

Proxy configuration

A few options for the DNS proxy can be configured in this page.

Transparent on Green, Transparent on Blue, Transparent on Orange

Tick the checkbox to enable the DNS proxy as transparent on the GREEN, BLUE, and ORANGE zone, respectively. The checkboxes appear only if the corresponding zones are enabled.

Specific sources and destinations can be set up to bypass the proxy by filling in their values in the two text areas.

Bypass from (subnet / IP address / MAC address)

Allow the sources written in the corresponding text area not to be subject to the DNS proxy. The sources can be specified as IP addresses, networks, or MAC addresses.

Bypass to (subnet / IP address

Allow the destinations written under the corresponding text area not to be subject to the DNS proxy. The destinations can be specified as IP addresses or networks.

DNS Routing

This page allows to define a custom nameserver for a given domain. In other words, all DNS query for that domain will be redirected to the corresponding nameserver to retrieve the correct resolution.

A new domain - nameserver combination can be added by clicking on the Add new custom name server for a domain link. When adding an entry, the following options are available:

Domain

The domain for which to use the custom nameserver.

DNS Server

The IP address of the nameserver to use.

Remark

An additional comment.

On each domain in the list, these actions can be carried out:

  • actedit - edit the rule.

  • actdelete - delete the rule.

Anti-spyware

This page presents configuration options about the reaction of the Endian UTM Appliance when asked to resolve a domain name that is known to be either used to propagate spyware or that serves as phishing site. The service is based on a list of malicious domains maintained by phishtank and when a client behind the Endian UTM Appliance tries to access one of these domain, he will be redirected to a non existent domain. To activate the service, click on the grey switch swoff. The following options will appear:

Whitelist domains

Domain names that are entered in the textarea below are never treated as spyware targets, regardless of the list’s content, and therefore will resolve to their correct IP address.

Note

In case a site has wrongly been blacklisted by phishtank, enter its domain name here to allow access to it.

Blacklist domains

Domain names that are entered in the textarea below are always treated as spyware targets, regardless of the list’s content

Spyware domain list update schedule

The update frequency of the spyware domain list. Possible choices are Daily, Weekly, and Monthly.

Note

To download updated signatures, the system must be registered to Endian Network.

Table Of Contents

Previous topic

SMTP

Next topic

The VPN Menu

Documentation archive

Version 3.2
Version 3.0
Version 2.5
Version 2.4
Version 2.3
Version 2.2
Version 2.1

Other products

Endian Hotspot 5.0
Endian 4i Edge 5.0