Hello,
I’d like to know what some of you guys do with regard to configuring AD + Firewall DNS + DNS Filtering services and how they are structured in your local network.
Say for example, if you have a network with:
Network: 192.168.1.0/24
DNS Filtering Services: 9.9.9.9
NGFW Firewall: 192.168.1.1
Active Directory: 192.168.1.2
Do you normally set your DHCP server to set DNS as the Firewall’s address, in which case you would have the DNS settings below:
NGFW Firewall: DNS enabled, with upstream configured to 192.168.1.2 (AD), and 192.168.1.2’s upstream DNS set to 9.9.9.9 (Filtering services).
Or, do you have your DHCP server set DNS to the AD, in which case you would have the following DNS settings:
AD: DNS enabled, with upstream configured to 192.168.1.1 (NGFW), and 192.168.1.1’s upstream DNS set to 9.9.9.9.
Or a more complex one where your DHCP server sets DNS to the Firewall’s address, but the firewall is configured to forward any requests for the local AD domain to 192.168.1.2, and the rest of it through the DNS filtering services?