This can be done within the VPM.
The list is created from the VPM Menu bar. This prevents the SG appliance from performing reverse DNS lookups of addresses in the list while evaluating policy.
To create the reverse DNS lookup restriction list:
- Select Configuration > Set Reverse DNS Lookup Restrictions; the Set Reverse DNS lookup restrictions dialog appears.
The default is None; no subnets are restricted.
- To restrict every subnet, select All.
- To add specific subnets, perform the following steps.
- Select Listed Subnets.
This enables the Subnets field.
- Click Add; the Add Subnet dialog appears.
- Enter a subnet or IP; click OK.
- Repeat to add other subnets or IPs.
- Click OK.
For the CPL code for the above, which can be installed via the local policy, Management Console->Configuration->Policy->Policy Files->Local Policy->Text editor->Install