...
- Grid: From the Data Management tab, select the Security tab, and then click Grid Security Properties from the Toolbar.
Member: From the Data Management tab, select the Security tab -> Members tab -> member checkbox, and then click the Edit icon.
Profiles: From the Data Management tab, select the Security tab -> Profiles tab -> profile checkbox, and then click the Edit icon. - In the Grid Security Properties or Member Security Properties editor, select the Threat Protection tab -> Advanced tab, and complete the following:
Disable multiple DNS requests via single TCP session: This is selected by default to avoid accepting possible malicious data following a valid DNS request. When this is selected, the appliance handles the initial DNS request through TCP and then terminates the TCP session to block subsequent DNS traffic, except for an SOA query sent by a client that is accepted in the allow-transfer ACL. This exception covers the case in which an AXFR query follows the SOA query through the same TCP connection. This field is read-only when you use a threat protection profile instead of a ruleset. For more information, see Configuring Grid Security Properties.
Note title Note TheĀ DisablemultipleDNSrequestsviasingleTCPsession checkbox is enabled by default when Advanced DNS Protection is enabled.
...
- Save the configuration.