Hello,
in my firmware 7.0.0 build 2742, there is the ability to forward DNS requests by domain out a certain WAN connection. But no way to forward over SpeedFusion. Is there some command to enable that somehow?
Here’s the problem we have:
We don’t want to put a web filtering router at each location due to the cost. However, we could do a DNS filtering service. The problem with that is, the DNS filtering service cannot resolve our Active Directory domain.
Right now I can set the DNS proxy settings to our firewall at the main location for the PepVPN Connection, and then the DNS filtering service on the WAN connections. If the tunnel goes down, the Balance would use the DNS filtering service to keep resolving - and since the tunnel is down anyways, it doesn’t matter that it can’t resolve our active directory domain. This is OK, but then we are paying for a DNS filtering service that would only ever get used when the tunnel is down.
That’s not horrible I guess, it’s good to have a backup, but the thing is right now all of our web traffic goes through the main location. If we could lean on a DNS filtering service, then we can stop tunneling their web traffic through the main location and only send intranet traffic. This would save bandwidth on the VPN for intranet traffic, improving the experience overall since most locations have 200mb fiber but with our Balance 380 Rev 5’s, our tunnels are capped at 60mbit.