How to redirect DNS requests to Zscaler

Platform
,
#1

We have users in office who use Zscaler via GRE tunnel. DNS Control is setup to allow DNS resolution.
If a user (or a malware) issues a DNS request explicitly targeting an internet DNS Server, we would like that to be redirected to Zscaler.

So “nslookup www.amazon.com 8.8.8.8” should not go to 8.8.8.8. Instead we want to redirect it to Zscaler for resolution.

We tried using a DNS Control policy with Action=Redirect and redirect server as one of the Global ZEN VIP: 185.46.212.88 but that fails.

Please advise how to redirect to Zscaler in such cases.

#2

Are you using Tunnel 1.0, 2.0 or tunnel with local proxy?

#3

If it’s via GRE the ZEN will automatically intercept it.

#4

Tunnel 2.0 from remote and GRE from offices

#5

If that is the case, I am good!

Just looking for some documented evidence that this is indeed the case.

Zscaler Facebook  Linkdin  Zscaler Twitter  Zscaler Youtube  Zscaler Blogs
 

Copyright 2008-2020 Zscaler™, Inc.Zscaler™, SHIFT™, Direct-to-Cloud™, ZPA™, and The Cloud-First Architect™ are trademarks or registered trademarks of Zscaler, Inc.in the United States and/or other countries. All other trademarks are the property of their respective owners.