Chapter 51 System
ZyWALL / USG (ZLD) CLI Reference Guide
322
51.6.3 DNS Command Examples
This command sets an A record that specifies the mapping of a fully qualified domain name
(www.abc.com) to an IP address (210.17.2.13).
This command displays security options configured for the customized and default rules.
51.7 Authentication Server Overview
The ZyWALL / USG can also work as a RADIUS server to exchange messages with other APs for
user authentication and authorization.
ip dns security-options { default | 1 }] Selects to use the default security option or profile ‘1’. The
default allows any address to use additional-from-cache and
recursion.
name DNS_OPTIONS_NAME Names the DNS security options profile.
no address-object-group { any | PROFILE} Sets the address object to be any or a previously created one. no
removes the address object from this DNS security options profile.
no additional-from-cache activate Activated allows the ZyWALL / USG to reply to queries with
previosuly cached DNS requests. Deactivated (no) does not.
no recursion activate Activated recursion allows the ZyWALL / USG to forward queries it
can’t find in its DNS database. Deactivated (no) does not.
Table 195 Command Summary: DNS (continued)
COMMAND DESCRIPTION
Router# configure terminal
Router(config)# ip dns server a-record www.abc.com 210.17.2.13
Router# configure terminal
Router(config)# show ip dns security-options all
security option rule: 1
Name: Customize
Address Object: RFC1918_1, RFC1918_2, RFC1918_3
Additional Info from Cache: allow
Recursion Query: deny
security option rule: default
Name: Default
Address Object: any
Additional Info from Cache: allow
Recursion Query: allow
Router(config)#
To Next Page
Loading...
