Transition Production Traffic
After successful testing, begin utilizing the VAs for production DNS traffic.
|
The Secure Access VAs must be the only servers listed as DNS servers. Using a mixture of the VAs and other types of DNS servers is not supported.
|
In most network environments using Windows Server, local IP addressing is handled through the DHCP Manager. To update your endpoints' DNS settings to point to the VAs, change the DNS Servers in your DHCP scope options.
- Open DHCP Manager and navigate to Start > Administrative Tools > DHCP.
- Select IPv4 or specific scope, if applicable.
- Right-click Server Options or Scope Options.
- Select 006 DNS Servers, remove
ALL the existing local DNS servers, and add the IP addresses of the VAs.
The VAs must be the only DNS servers in this list. It is not possible to use a mixture of VAs and other DNS servers.
After updating the DNS Servers in the DHCP options, wait for the DHCP leases on the endpoints to expire and see the new changes. In most cases, DHCP lease durations are seven days or less, but sometimes may be set to higher values. We recommend verifying the DHCP lease duration in the DHCP Manager.
Unfortunately, there is no easy way to force an immediate DHCP lease renewal. One method is to use a Group Policy Object to deploy and execute a batch file with the ipconfig /renew command in it; this would cause the endpoints to recognize the VAs as their DNS servers.