How to control Internet access using computer Hostname

book

Article ID: 168448

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

You want to configure ProxySG appliance rules to control traffic using computer Hostname.

Resolution

  1.  Make sure the internal DNS server is able to resolve a client IP address to computer Hostname.
  2. To confirm, use nslookup "client.ip.address" or "ping -a client.ip.address" to resolve to client host name.
    Example: client host: CS764, Domain: kldev.bluecoat.com

    nslookup 10.107.17.111
    Name:    cs764
    Address:  10.107.17.111

    ping -a 10.107.17.111
    Pinging CS764.kldev.bluecoat.com [10.107.17.111] with 32 bytes of data:
    Reply from 10.107.17.111: bytes=32 time<1ms TTL=128
  3. You can also SSH to the ProxySG appliance and run the command test dns client.ip.address to make sure the appliance is able to resolve client host name.
    #test dns 10.107.17.111
    Performing RDNS lookup for 10.107.17.111
    Official Host Name: cs764
    Host Aliases:
    Cache TTL: 3595, cache HIT
    DNS Resolver Response: Success
  4. Create a policy rule to include a Web Access Layer, with a Source to match exactly (make sure it is the exact name) or contain a string (such as "clientA" if reverse DNS resolves clientA.example.com).

    User-added image

Attachments