cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
514
Views
0
Helpful
2
Replies

DNS rewrite?

tmoreo
Level 1
Level 1

I have a client that has a Check Point firewall.

They were considering switching however there is one feature that is a must.

One feature they are using is called DNS rewrite.

For example.

Microsoft has a mail server and mail comes in as @microsoft.com. With the rewrite microsoft could also have an MX record for a misspelling like @mcrosoft.com. Now instead of 10,000 users having two mail addresses the Check Point firewall will rewrite the domain as @microsoft.com.

Does the PIX have a similar funtionality? Is that the DNS rewrite? If so does anyone have any information?

A search on Cisco.com doesn't bring up much for "DNS rewrite"

2 Replies 2

jkanclirz
Level 1
Level 1

Iam afraid this is not supported. You will need a work-around. I suggest working with DNS/MAIL admin to have all misspelled domains configured with same MX record in DNS. (this probably already done) And creating domain aliases on the MAIL server to the real domain "microsoft.com". It would be less CPU intensive if you go with aliases rather than rewriting every SMTP with new domain on a firewalls.

Thank you but they won't go that way. One deciding factor when they purchased the Check Point Firewall was this feature. It really has no impact on the CPU of the Firewall to have the rewrites. The misspelling is few and far between, however it is necessary and they have no desire to add the aliases when there is an easy solution.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: