Using the Gateway Enforcer as a DNS spoofing server

Article:HOWTO81723  |  Created: 2012-10-25  |  Updated: 2012-10-25  |  Article URL http://www.symantec.com/docs/HOWTO81723
Article Type
How To


Subject


Using the Gateway Enforcer as a DNS spoofing server

When guest enforcement is enabled, the Gateway Enforcer provides DNS spoofing functionality. You cannot use this feature unless guest enforcement is enabled.

The enabled mode routes URL requests to the Gateway Enforcer instead of a remediation Web site. To activate this functionality, you must provide an IP address as the answer in a DNS response packet.

See Establishing communication between a Gateway Enforcer appliance and a Symantec Endpoint Protection Manager through a management server list and the conf.properties file.

To use the Gateway Enforcer as a DNS spoofing server

  1. Log on to the Gateway Enforcer appliance as a superuser.

  2. Type the following command:

    Enforcer#configure advanced

  3. Type the following command:

    Enforcer (advanced)# dns-spoofing enable |use_local_ip | dns_spoofing_ip

  4. You can use the Gateway Enforcer's IP address or set a custom IP address.

    To use the Gateway Enforcer's IP address

    Enforcer (advanced)# dns-spoofing use-local-ip enable

    To set a custom IP address

    Enforcer (advanced)# dns-spoofing-ip IP_ADDRESS

    Where:

    IP_ADDRESS is your selected IP address

To disable DNS spoofing, type the following command:

Enforcer (advanced)# dns-spoofing disable

To check DNS spoofing status, type the following command:

Enforcer (advanced)# show

The status shows the DNS spoofing feature as ENABLED or DISABLED.


Legacy ID



v33224547_v81664632


Article URL http://www.symantec.com/docs/HOWTO81723


Terms of use for this information are found in Legal Notices