NGFW-ENGINEER · Question #82
NGFW-ENGINEER Question #82: Real Exam Question with Answer & Explanation
The correct answer is A: Split tunneling for DNS and specify the internal corporate domains in the "Domain" list. Configuring split tunneling for DNS with internal corporate domains ensures that DNS queries for internal resources are sent through the GlobalProtect tunnel to internal DNS servers, while public DNS queries continue to use the client’s local internet connection, enabling proper
Question
An administrator configures a GlobalProtect gateway with split tunneling for network traffic based on an access route. Users report that public web browsing works, but they cannot resolve the names of internal servers. The administrator determines that all DNS queries are being sent to the public DNS servers configured on the users' endpoints. Which GlobalProtect portal setting should be configured to resolve this issue?
Options
- ASplit tunneling for DNS and specify the internal corporate domains in the "Domain" list
- BDNS Proxy feature on the firewall to point clients to the gateway IP for DNS
- C"DNS Forwarding" option on the gateway's tunnel interface
- DNAT rule to allow DNS traffic from the GlobalProtect clients to the internal DNS servers
Explanation
Configuring split tunneling for DNS with internal corporate domains ensures that DNS queries for internal resources are sent through the GlobalProtect tunnel to internal DNS servers, while public DNS queries continue to use the client’s local internet connection, enabling proper internal name
Topics
Community Discussion
No community discussion yet for this question.