Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

Chapter 25

Specific settings and troubleshooting

350

All DNS names missing a suitable rule will be dialed automatically by the DNS module when

demanded.

In Actions for DNS name, you can select either the Dial or the Ignore option. Use the second

option to block dialing of the line in response to a request for this DNS name. The Dial action

can be used to create complex rule combinations. For example, dial can be permitted for one

name within the domain and denied for the others (see figure

25.5

).

Dial of local DNS names

Local DNS names are names of hosts within the domain (names that do not include a do-

main).

Example:

The local domain’s name is company.com. The host is called pc1. The full name of the

host is pc1.company.com whereas local name in this domain is pc1.

Local names are usually stored in the database of the local DNS server (in this example,

the names are stored in the hosts file at the WinRoute host that uses the DNS module).

Set by default, the DNS module does not dial these names as names are considered non-

existent unless they can be found in the local DNS database.

If the primary server of the local domain is located outside of the local network, it is

necessary that the DNS module also dials the line if requests come from these names.

Activate the Enable dialing for local DNS names option in the Other settings tab to enable

this (at the top of the Dial On Demand dialog window). In other cases, it is recommended

to leave the option disabled (again, the line can be dialed undesirably).