Configuring Identity services and DNS resolver services on separate Service Point v4 instances
- In the top navigation bar, click
and select
Namespaces. - Click
to add a namespace. - Add the name and description of the namespace.
- Select Cisco Umbrella integration to configure the
namespace to use the Cisco Umbrella integration. When you select this
option, you can also select Encrypt queries using DNS over
HTTPS which ensures queries that are routed to Cisco
Umbrella are encrypted.
Selecting Cisco Umbrella integration displays a message indicating that the two applicable Cisco Umbrella IP addresses have been added to the Forwarders field.
- Under Forwarders, remove the two applicable Cisco Umbrella IP addresses that were added when you selected the Cisco Umbrella integration checkbox by clicking the blue X beside the IP addresses.
- Under Forwarders, enter the IP address that is bound to the Identity service on the Service Point v4 instance configured with the Identity service.
- Under Response codes, enter one or more DNS query response codes. The DNS query response code can be one of the following: FORMERR, NOERROR, NOTAUTH, NOTIMP, NOTZONE, NXDOMAIN, NXRRSET, REFUSED, RESERVED11, RESERVED12, RESERVED13, RESERVED14, RESERVED15, SERVFAIL, YXDOMAIN, or YXRRSET.
- If required, configure any additional information required within the namespace.
- Click Save.
Once you have configured the namespace, attach the namespace to the site that is configured with the Service Point v4 instance running DNS resolver service. For more information, refer to Creating a site.
Configuring Identity services and DNS resolver services on the same Service Point v4 instance
In the following scenario, the Identity service and DNS resolver service are running on the same Service Point v4 instance. In this scenario, you must bind the Identity service to the DSR VIP of the Service Point v4 instance. For more information on configuring DSR VIPs, refer to Configuring the DSR VIP on Service Point v4.
- In the top navigation bar, click and select
Namespaces.
- Click to add a namespace.
- Add the name and description of the namespace.
- Select Cisco Umbrella integration to configure the
namespace to use the Cisco Umbrella integration. When you select this
option, you can also select Encrypt queries using DNS over
HTTPS which ensures queries that are routed to Cisco
Umbrella are encrypted.
Selecting Cisco Umbrella integration displays a message indicating that the two applicable Cisco Umbrella IP addresses have been added to the Forwarders field.
- Under Forwarders, remove the two applicable Cisco Umbrella IP addresses that were added when you selected the Cisco Umbrella integration checkbox by clicking the blue X beside the IP addresses.
- Under Forwarders, enter the DSR VIP that is bound to the Identity service on the Service Point v4.
- Under Response codes, enter one or more DNS query response codes. The DNS query response code can be one of the following: FORMERR, NOERROR, NOTAUTH, NOTIMP, NOTZONE, NXDOMAIN, NXRRSET, REFUSED, RESERVED11, RESERVED12, RESERVED13, RESERVED14, RESERVED15, SERVFAIL, YXDOMAIN, or YXRRSET.
- If required, configure any additional information required within the namespace.
- Click Save.
Once you have configured the namespace, attach the namespace to the site that is configured with the Service Point v4 instance. For more information, refer to Creating a site.