DescriptionTwo files are used for DNS name resolution:
- zones.common:
used for name resolution for hosts in isolation. When resolving names
that are in the Allowed Domains list, this file is used to
determine which DNS server to send requests on behalf of the isolated
host.
- resolv.conf: used for name resolution for the appliance.
The following instructions are used when the production DNS server IP addresses need to be changed.Solution
Updating zones.common
1. In the Administration UI, navigate to System > Settings > Allowed Domains
2. Update the IP's under the banner of IP Address
3. Click Save Settings (this will take a few moments).
Updating resolv.conf (must be done on all appliances)
Single appliance:
1. Run Configuration Wizard on the Server.
http://<IP Address>:8080/configWizard
http://<Host Name of the appliance>:8080/configWizard
2. In the Basic Network screen, update the appropriate IP address under the DNS section.
3. Click Summary.
4. Click Apply (this will take a few moments).
Control Server/Application Server pair:
1. In the Application Server CLI, start the tomcat-admin service (this will allow Config Wizard to be accessible).
service tomcat-admin start
2. Run Configuration Wizard on the Application Server.
http://<IP Address>:8080/configWizard
http://<Host Name of the appliance>:8080/configWizard
3. In the Basic Network screen, update the appropriate IP address under the DNS section.
4. Click Summary.
5. Click Apply (this will take a few moments).
6. Close Configuration Wizard and stop the tomcat-admin service.
service tomcat-admin stop
7. Run Configuration Wizard on the Control Server.
8. Click Summary.
9. Click Apply.
If Configuration Wizard cannot be used:
In the CLI of each appliance, edit /etc/resolv.conf and save.
Important:
CLI method should only be used when Configuration Wizard cannot be
run. Otherwise, the next time Configuration Wizard is run, resolv.conf
will be overwritten with the old settings (unless updated).
L2 High Availability Environments
1. Update zones.common (see instructions above).
2. Update resolv.conf on the Primary Server via configWizard (see instructions above).
3. Update resolv.conf on the Secondary Server via configWizard. Access configWizard using the address of the Secondary Server.
Note: In older versions, the Secondary address may not be available in a Layer 2 High Availability configuration (Virtual IP is configured). In such cases, a modification of the /etc/hosts file on the Secondary Server is necessary. For instructions, refer to section Access Secondary Server Wizard Post HA Configuration in the High Availability reference manual in the Fortinet Document Library.