Setting Up a DNS Filter

TCP/IP connections to a server can be made by specifying the server's IP address, but most servers, particularly those connected to the Internet, are accessed by their DNS names.


Setting Up a Stateful DNS Filter

To set up a stateful DNS exception to allow users to use DNS names to connect to servers accessed through the Novell BorderManager 3.7 server's public interface, complete the following steps from the main FILTCFG menu:

  1. Select Configure TCP/IP Filters > Packet Forwarding Filters > Exceptions.

  2. Press Ins to define a new exception.

  3. Specify the server's private interface for the Source Interface parameter.

  4. Specify the server's public interface for the Destination Interface parameter.

  5. Press Enter for Packet Type > select dns/udp-st.

  6. Press Esc > select Yes to save the filter.

    IMPORTANT:  If applications are configured to use DNS over TCP, you can also configure a stateful DNS exception for DNS over TCP. In Step 5, select the dns/tcp-st packet type instead of the dns/udp-st packet type.


Setting Up Static Filters for DNS

If you do not want to configure a stateful DNS exception, you can create static filters instead.
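How the two approaches differ in what they admit, as an added Python model (not Novell's code and not part of this documentation). It assumes DNS over UDP on the well-known port 53 and client ports above 1023 for the static rules; the class and function names are hypothetical and the sample packets are constructed.

```python
from dataclasses import dataclass

DNS_PORT = 53  # well-known DNS port; the static rule values below are assumptions

@dataclass(frozen=True)
class Packet:
    iface_in: str   # interface the packet arrives on: "private" or "public"
    src: str
    sport: int
    dst: str
    dport: int

def static_filter(p: Packet) -> bool:
    """Assumed static exception pair: one rule per direction, no memory."""
    if p.iface_in == "private":                      # query direction
        return p.dport == DNS_PORT and p.sport > 1023
    return p.sport == DNS_PORT and p.dport > 1023    # response direction

class StatefulFilter:
    """Simplified model of a stateful exception (private -> public).
    Timeouts and entry removal are omitted for brevity."""
    def __init__(self):
        self.pending = set()  # flows opened by an outbound query

    def allow(self, p: Packet) -> bool:
        if p.iface_in == "private":
            if p.dport != DNS_PORT:
                return False
            self.pending.add((p.src, p.sport, p.dst, p.dport))
            return True
        # Public side: admit only the exact reverse of a recorded query.
        return (p.dst, p.dport, p.src, p.sport) in self.pending

def compare():
    # Constructed sample traffic using documentation address ranges.
    query = Packet("private", "192.0.2.10", 40000, "198.51.100.53", 53)
    reply = Packet("public", "198.51.100.53", 53, "192.0.2.10", 40000)
    unsolicited = Packet("public", "203.0.113.7", 53, "192.0.2.10", 2049)
    sf = StatefulFilter()
    rows = {}
    for name, pkt in (("query", query), ("reply", reply), ("unsolicited", unsolicited)):
        rows[name] = (static_filter(pkt), sf.allow(pkt))
    return rows

if __name__ == "__main__":
    for name, (static_ok, stateful_ok) in compare().items():
        print(f"{name:12} static={static_ok!s:5} stateful={stateful_ok}")
```

In this model the static response-direction rule passes any inbound packet whose source port is 53, while the stateful exception passes only replies that match a query it has seen leave the private interface.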

In the direction that DNS queries will be sent, create the following static packet filter exception:

In the direction that DNS responses will be sent, create the following static packet filter exception:


