Why do Reverse DNS queries not work in Prisma Access?

Why do Reverse DNS queries not work in Prisma Access?

23279
Created On 04/07/20 18:23 PM - Last Modified 07/02/20 18:21 PM


Question


Customer has internal domains configured to be queried to their internal DNS servers. Queries (Type A and AAAA) for internal domains work fine, but reverse DNS queries (PTR) does not work.

Is there any way to make reverse DNS queries to work from GlobalProtect, or if there is a way Prisma Access does not function as DNS Proxy for Internal DNS queries?

Environment


  • Prisma Access
  • Global Protect

Answer


Reverse DNS queries do not work in Prisma Access as it uses dns-proxy for DNS resolutions.

Additional Information


Workaround: Type A and AAAA queries for internal domains work, you can specify *.in-addr.arpa in a query so that Prisma Access sends all reverse DNS queries to internal DNS servers.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PPWPCA4&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language