Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ursyathi
Newcomer I
‎07-05-2023 02:09 AM
‎07-05-2023 02:09 AM

Private DNS behind Palo Alto is not resolving Name Servers

We are using private DNS zones for our internal sites. We are connected to the cloud by site to site vpn on palo alto and until recently our private domains have stopped resolving and name servers are not finding their way. Using dig command I am able to cache some of the addresses on palo alto  but they get deleted right away but not all so for now I have added static entries for DNS proxy but the issue is that anything behind a load balancer or with wild card is not working. Is there a work around to this as this seems to be a bug of palo alto?

 
Reply
0 Kudos
1 Reply
Early_Adopter
Community Champion
‎07-05-2023 06:39 AM
‎07-05-2023 06:39 AM

Do you know, I'd submit a ticket to Palo Alto for this one...

However, if not, and you're looking for the world's worst support I think you should probably make sure you're running Windows Server 2000 or lower on all network nodes.
Anything that won't install Windows Server 2000 or lower, try smashing it with a claw hammer.
Then change your DNS from BIND to TinyDNS and set TTL to nine million...
Then set TTL to 0, and if that doesn't work, scrap it(DNS) altogether and use WINS(b & p nodes) for name resolution!

I'm assuming you're running dig from the CLI of the PAN box, so you really need to get their help, tech support here is horrible.
Reply